Analysis
max time kernel: 68s
max time network: 70s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 05/11/2024, 16:51
Behavioral task behavioral1
Sample: VPN Service Pro .apk
Resource: android-x64-20240624-en
Behavioral task behavioral2
Sample: VPN Service Pro .apk
Resource: android-x64-arm64-20240624-en
Behavioral task behavioral3
Sample: VPN Service Pro .apk
Resource: android-33-x64-arm64-20240910-en
Behavioral task behavioral4
Sample: VPN Service Pro .apk
Resource: android-x86-arm-20240910-en
General
Target: VPN Service Pro .apk
Size: 9.4MB
MD5: 2ae3b1faf664cb347b8d81dfcddea167
SHA1: acdaa4d3b3ae29442567e46baaee7b3932d000d0
SHA256: d492cf0729e9e846be934ba081dec52c6136141e31dc50a533731f62522d1f9a
SHA512: f0a6e2a561ba0f56a27a1e09a5a768d929f08f07bee2269f2be4bfac90095c28c6a631edf58df5422f1acd4a55f55bf41bdd2b95cda5fa3a35ab345d5bb9e6f0
SSDEEP: 98304:3l/tPUSu0e0livUDtcX+VCvwx49G0PGucKMIAmzRzBHT40tlSCAB:3DsP0rlivUDtVYIx41YFI/zfjS
Signatures
Makes use of the framework's Accessibility service (4 TTPs, 1 IoC)
Retrieves information displayed on the phone screen using AccessibilityService.
description: Framework service call
ioc: android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId
Process: european.tubes.agreement

Acquires the wake lock (1 IoC)
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
Process: european.tubes.agreement

Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)
Application may abuse the framework's foreground service to continue running in the foreground.
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
Process: european.tubes.agreement

Requests enabling of the accessibility settings. (1 IoC)
description: Intent action
ioc: android.settings.ACCESSIBILITY_SETTINGS
Process: european.tubes.agreement

Schedules tasks to execute at a specified time (1 TTP, 1 IoC)
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
Process: european.tubes.agreement
Downloads