General

  • Target

    Clone_App_Pro.apk

  • Size

    24.6MB

  • Sample

    241005-fb518swdlk

  • MD5

    4bcf0d6983fe4ed3cda5731f961228ef

  • SHA1

    a243bf1ff339b6ea2476c495dcfffca38d1ac34f

  • SHA256

    291736be5714ff97b5b73c142e76f4e9b39359fb051ceb766a0729809075d258

  • SHA512

    cd59c24b5b5b4bda9c58e7c2667617683f82e01e4973dcd106ef7d2d36c5c8c62c5e4e426b9d6c764584e1247fb861e9b9fe161b1ecb851a791cc5256afb2632

  • SSDEEP

    786432:JRLqls8FWa2NEx37S6kqdVc0NjbiBBzkIJr:JRaboa2NEXzdS0Ba

Targets

    • Target

      Clone_App_Pro.apk

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Reads information about the phone's network operator
