Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

ready.apk

android-9-x86

7

ready.apk

android-10-x64

7

ready.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    01/12/2024, 12:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ready.apk

  • Size

    9.3MB

  • MD5

    37b914a3f92570c003056f76adf94dad

  • SHA1

    eafbb0757c9b6403855f7e7b56300e574697043d

  • SHA256

    113e901de420dc6478196f2b6e9ddde7d14e1bef4d1d6f1491806ef3c489ba1b

  • SHA512

    5b14e43a1106fcf51fe57f6433c37c57772b7dcf1347dbeea3e73cc50e1bebfab547411726e951906e689c20b5bed1101e422faf85e8778705746e75836ddc41

  • SSDEEP

    98304:tsGEvHzT40E7NWrwP3DypAWIsq+TO0NJn+Owt2mz+zBnTo0tg9Fh:ts5lE7NagG9Ip+TO0NJ5wtBz6TA

Score
7/10
collectioncredential_accessevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • shopping.formerly.wizard
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    PID:4255

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    25B

    MD5

    218f39ffeadb6cb973f9ba2e5b9957fe

    SHA1

    3033a34ef64e30c1998b7810dbf7a4216a2d6012

    SHA256

    048b1526012ca83dcd970744b40b7e43b18b1c5c079e7b815bc2ad5b8bae3e8b

    SHA512

    6dd1b8d182be186784b726335beb670faffa3e9d6cf82d4d148aeb0f1f3f4f696eded5113e76d3f270385a04003a03942d278956e14ed7bf87275c001d133883

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-12-01.txt
    Filesize

    296B

    MD5

    b8a8a1e99fa56cf0ad2a156ec413c7c7

    SHA1

    ee87567485be5cab9514da1aa32d3eba85ef815b

    SHA256

    ec2be2685307977c77a8ca1b1e026648a8ee92a7d2c89d03d336539b11e69054

    SHA512

    b72f9bc968bdc82c9167a2c5ac3fe5588902e1aa3044a55acf1763f22acf4d498cedff1a53d53e452af842232cead4f234dbbedf5f6781e409270b1117863d7c

    Download Submit