triada | 75372e4899e8b4074cfa2ff2fa51ae30c7a9f9c82f01bfeedf77d5b07d9038a0 | Triage

Sharing

General

Target

Whatsapp-CuBlack-Clone-v17.apk
Size

80.2MB
Sample

240901-qpzrgsscmd
MD5

e6ff31beccb7ef842cbb08d117c44ba6
SHA1

8049a79abace487104507cf38f562912162a5244
SHA256

75372e4899e8b4074cfa2ff2fa51ae30c7a9f9c82f01bfeedf77d5b07d9038a0
SHA512

cbcba307f52d684d4bfa92344a0cf32887bc6fcafcbbc3eb16595263d6920273dbffbe71df2e9936fb99f85a38ce220f7eb74dc643749812df70f322a9222072
SSDEEP

1572864:P3uGZsJCC55suWYahu4H2U+X2itPwpJhq0Xe910KSY8EvlOjAQixW0MmDq3F:WhCaWY2zNoGqe410QOIW0rDq3F

Score

10^/10

triada android banker evasion impact infostealer trojan

Malware Config

Targets

- Target
  
  Whatsapp-CuBlack-Clone-v17.apk
- Size
  
  80.2MB
- MD5
  
  e6ff31beccb7ef842cbb08d117c44ba6
- SHA1
  
  8049a79abace487104507cf38f562912162a5244
- SHA256
  
  75372e4899e8b4074cfa2ff2fa51ae30c7a9f9c82f01bfeedf77d5b07d9038a0
- SHA512
  
  cbcba307f52d684d4bfa92344a0cf32887bc6fcafcbbc3eb16595263d6920273dbffbe71df2e9936fb99f85a38ce220f7eb74dc643749812df70f322a9222072
- SSDEEP
  
  1572864:P3uGZsJCC55suWYahu4H2U+X2itPwpJhq0Xe910KSY8EvlOjAQixW0MmDq3F:WhCaWY2zNoGqe410QOIW0rDq3F
Score

10^/10

triada banker evasion impact infostealer trojan
- Android Triada payload
- Triada
  Triada is an Android banking trojan first seen in 2016.
  trojan infostealer banker triada
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

triadabankerevasionimpactinfostealertrojan