Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a2c4875714...2c.apk

android-9-x86

7

a2c4875714...2c.apk

android-10-x64

7

a2c4875714...2c.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2c4875714b92fdaca68879b3227c937d57867479d9975465bc3a8413966342c.zip

  • Size

    9.3MB

  • Sample

    241106-dtqyxssrcv

  • MD5

    b9f9b3f15f1d46b2fcc7603c27fdd162

  • SHA1

    d07bb872d7f523e113986690302cd49577d4ddf8

  • SHA256

    a2c4875714b92fdaca68879b3227c937d57867479d9975465bc3a8413966342c

  • SHA512

    7619ac4ce1e727e56b7abad8663de921fa4ad5145d8100dc3099013f0f89c69d6412db8ecbe4d5a1d9566aecf30e9d2f5b8343ad9d5c9266faae5bcbca4c8583

  • SSDEEP

    98304:0OZqx0VfLBQ/kFx3zX6LInnvAjC/D80uemzvzBaTD0tYaWN:exSLBQc/3zX68vAjC/Pu5z8Mk

Score
10/10
spynoteandroidbankercollectioncredential_accessdiscoveryevasionexecutionpersistence

Malware Config

Targets

    • Target

      a2c4875714b92fdaca68879b3227c937d57867479d9975465bc3a8413966342c.zip

    • Size

      9.3MB

    • MD5

      b9f9b3f15f1d46b2fcc7603c27fdd162

    • SHA1

      d07bb872d7f523e113986690302cd49577d4ddf8

    • SHA256

      a2c4875714b92fdaca68879b3227c937d57867479d9975465bc3a8413966342c

    • SHA512

      7619ac4ce1e727e56b7abad8663de921fa4ad5145d8100dc3099013f0f89c69d6412db8ecbe4d5a1d9566aecf30e9d2f5b8343ad9d5c9266faae5bcbca4c8583

    • SSDEEP

      98304:0OZqx0VfLBQ/kFx3zX6LInnvAjC/D80uemzvzBaTD0tYaWN:exSLBQc/3zX68vAjC/Pu5z8Mk

    Score
    7/10
    bankercollectioncredential_accessdiscoveryevasionexecutionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence
    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.