Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
125s -
max time network
156s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system -
submitted
28/08/2024, 22:04
Static task
static1
Behavioral task
behavioral1
Sample
72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77.apk
-
Size
708KB
-
MD5
8b97d95530d77edc99798a41301b13f0
-
SHA1
e2699e9aa3a2c6929fe2ee38bc5adc40cb45dee8
-
SHA256
72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77
-
SHA512
12c71b114519fd81655b4cabd0f0d8525e5cbe7e4d5f6f7533c165ada165646b2ad36c44520b8db646449d7621b416258f636c159b1e95be67c3a419719c6285
-
SSDEEP
12288:UbBPL/DCtv4xyQzx7AS0ptHn2E7IYGfk3Cj0AGVBiGWidPjfbKna4GHHAwpZbz7r:eLXxtyS0ptHyUCgAXidrfbKnehXjf
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener j.j.j -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone j.j.j -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver j.j.j -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal j.j.j -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo j.j.j -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo j.j.j
Processes
-
j.j.j1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4963