General

  • Target: ransomware2.zip
  • Size: 1.5MB
  • Sample: 240914-w1999ayemc
  • MD5: bd4788c7afa5fa203d5766596a666cd6
  • SHA1: 03c163f395ae9eda318a2d124753a433f71bf5cd
  • SHA256: 5cc5882f96d54a18150cab2d494f0ea1e13822e9966cace59356c6eb1ec5a245
  • SHA512: 6718c6e0d743bee00422927b2bbcc7830cc5f10fe5711758ec3eba21385200e19f6455f16a56763008ca1092615f9d84a51080a7047a7c8016a3c95c2ff0e81c
  • SSDEEP: 49152:uQDHl0his9xHySHsiIjyBSSKAAETkQhJeU8CDcceZ:l7l0wQSSHJIjcBAETXhwU8CY

Malware Config

Targets

    • Target: 34d616fef212916b9e2d1c1fd0eb98245bce860cde3e0137578c6e7ac9f16c41.apk
    • Size: 1.8MB
    • MD5: f24d513024256ad483ccdfd98eb1f636
    • SHA1: c6971207994f57ede3754b56e223a49e195e46a0
    • SHA256: 34d616fef212916b9e2d1c1fd0eb98245bce860cde3e0137578c6e7ac9f16c41
    • SHA512: fe204ea7da9764207290af4966097f30a224d56bd64302e043f1117df73185ff7ce3e6780a0ee27293dd9f3c717ef8f7561b77c36c8736bbe5dfa0e906f1020b
    • SSDEEP: 49152:qcRmCg2AMJczLRsC8caQalp4ulqTEfCmz+EDAOjWvoq/F:RDyW5czal3QRBfLvH

    • Checks if the Android device is rooted.
    • Checks known Qemu pipes.
      Checks for known pipes used by the Android emulator to communicate with the host.
    • Obtains sensitive information copied to the device clipboard.
      The application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
    • Reads the contacts stored on the device.
    • Makes use of the framework's foreground persistence service.
      The application may abuse the framework's foreground service to continue running in the foreground.

MITRE ATT&CK Mobile v15

Tasks