Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
28/09/2024, 04:59
General
-
Target
PouUniverseSpyWare.apk
-
Size
24.1MB
-
MD5
df9fbe5add0819e5689c905ab5d56153
-
SHA1
fe7a0401d1221cb29b624e24e04f3f23c65dfd65
-
SHA256
0996ed9acb21ea6f0a88c337e5b85bcf64e74f972458a6615078710ae5e7529f
-
SHA512
bb531940a94b6f6e04f218eddd3d3fb985452bf11705072a324dfc3187a0bcba99f5717778b58a2af80df58948cd56fa2eb0f673935a176621687a8d7a28e5d2
-
SSDEEP
393216:P3On7OgumPypg+m9tak1e7b0x2TmEdlrsavEVyaKgZg:mn7bumP19takIox2S0gavEVyaKL
Malware Config
Signatures
-
Makes use of the framework's Accessibility service 4 TTPs 1 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
me.pou.app1⤵
- Makes use of the framework's Accessibility service
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD5c52c1ddf42f48d81517c89befbe9626d
SHA109baf03f50345c6864c7a0460513f5b976c5da6e
SHA256edda4c0a75329a5e5a09bbc11e0084afab409d6d0866ee9a0132c7a0d502f5b6
SHA51284f86bf51fa6116369a9984482c522b6bdd41605860667c272f5d06f26bce0023d1ed6b61e822d11c1682707e0ce39da44f023b074690cdf60856f3460567cc5
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5acd6f529a14839fa83a344424e40bbae
SHA14ea9b9506fc82213ed7575a74bed7f03c49a567f
SHA256a61758ef51426f9d81815f2a3b9e62dcd713bb3079ed34d1393d06ebf7d5d9fe
SHA512da89ae2d149f9ed83b41fe65d713cfa9164a8a11c86d1090c8e8d058eb26cc5c2d817b58ba8f9cc739c18dbfdb15741c9aa20a87ab2fa33956ab9a2f78d8917e
-
Filesize
108KB
MD5248601e83540be7af410269bef45660d
SHA159ac55aea321fd4a8b3777d318d36b225c5d4bd1
SHA256c9fc25ce72b299be50e1695241ac142ec476c2087ca9ce816cfc3d9025903090
SHA512f222c32111bb906cea7cb525c79e03ebba888e20eb0f790c30660104123dcb2a15ab4aa510eb1b7b723ec91b3d0d5f9e7ccafae0ff9bcf95aafe17c6d3cfc49f
-
Filesize
20B
MD5b8deadba038c6ac8e45d559fd84adacc
SHA13383285e0498b7643afd3b08ac482e17b820d973
SHA2567681a78c2a61972a65f630a6abb23e40665214e87cea40c5749c99840e67a40f
SHA5129af0872da8b07e9c79ac69d36da0842d2cbe7a2a4f4d7d2c798548a55c3c60e07de0127250a72150dbd22cff48132b098b337b9dfeeed212e81fb1eb5550333c
-
Filesize
16B
MD5b91ea17ab22fa4171a9dcff0821928e2
SHA11c0732926d019c4003c49ddc26fa6cfbafaee9ad
SHA25677b4dc7e00340b8ec43533e78a407991be2b3b2acb88813abfc5fd34e53c9aac
SHA512e442b9833b325426199d743753fb3c9430275301e4db6de8bfd78ee67ac71fcfc154ecbb4d1f7bd6c9c7d7dbaeb217dc63cd822f928b73d9e60d7236a75eaf09
-
Filesize
16B
MD5207fc2fa1cf7511e8903df1c9e411395
SHA17e3ab753c66771b726cd4fbc0e168d2451454190
SHA256633a98f0dcd107779a8d37591b106db9df985597226ddfa859e31765db5d2bfd
SHA512fb9b70b6956941e51b0fdc337dc65949042033ea058ea1c4c7327abeec949c93e8b77e5569ca60d2e1f36f89aefe57330febe854747d7f82169e9440a267b1a9