Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
burlaplayprotect.apk
-
Size
4.4MB
-
Sample
240808-z6e8vazdpj
-
MD5
6be7a0365bedfb6a47d801f4b43df7b1
-
SHA1
4a234cf09120ef29f0308921d749bc70a794c5df
-
SHA256
9c403a126032455b730e69886bf4062255be43013d50fb631f16a95eb68114ff
-
SHA512
acb39cab91357489939a4c05e6de191f0425470b51f17f17c3b44b7eb98eda7960d43d0a6b9cf5185479ecb8807ea995dbca18109a77cae3825d21718ae7520b
-
SSDEEP
98304:3yezBXTomz7p0t8tIXfan71TY43qaqkwT/kqIAKU8ZvGqZ2wqL0u:rXz7G8ofanZ84sk4I7UQvGq/u
Malware Config
Targets
-
-
Target
burlaplayprotect.apk
-
Size
4.4MB
-
MD5
6be7a0365bedfb6a47d801f4b43df7b1
-
SHA1
4a234cf09120ef29f0308921d749bc70a794c5df
-
SHA256
9c403a126032455b730e69886bf4062255be43013d50fb631f16a95eb68114ff
-
SHA512
acb39cab91357489939a4c05e6de191f0425470b51f17f17c3b44b7eb98eda7960d43d0a6b9cf5185479ecb8807ea995dbca18109a77cae3825d21718ae7520b
-
SSDEEP
98304:3yezBXTomz7p0t8tIXfan71TY43qaqkwT/kqIAKU8ZvGqZ2wqL0u:rXz7G8ofanZ84sk4I7UQvGq/u
Score7/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Legitimate hosting services abused for malware hosting/C2
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-