Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
no_dropper.apk
-
Size
3.6MB
-
Sample
241211-mrnkfsyqfv
-
MD5
89c4c3287a0f19fdd722b0c13e68b0ce
-
SHA1
3bc5858cec98a101bc63a4401d21a1d0b8922076
-
SHA256
12d94320a25c1496ae3c7d326e07d4d92d34381d7b821f58ef9f4e135612c6d8
-
SHA512
13944a4cc38396ab5670eac3e63e8e9642507bdc81a7cb644880bed30563163fc9d72e81f687096da87b72dbc04365e16d2f5d0d0510ba979e785a3623473b3c
-
SSDEEP
98304:Yg1y8VpuJVX9wmPqE2kmggcjIV6IldYpJJtYkCufNSAkLCjzLi:Hy8VpuJVrqE2k9gcjI1EJSkCuVSBC/+
Malware Config
Targets
-
-
Target
no_dropper.apk
-
Size
3.6MB
-
MD5
89c4c3287a0f19fdd722b0c13e68b0ce
-
SHA1
3bc5858cec98a101bc63a4401d21a1d0b8922076
-
SHA256
12d94320a25c1496ae3c7d326e07d4d92d34381d7b821f58ef9f4e135612c6d8
-
SHA512
13944a4cc38396ab5670eac3e63e8e9642507bdc81a7cb644880bed30563163fc9d72e81f687096da87b72dbc04365e16d2f5d0d0510ba979e785a3623473b3c
-
SSDEEP
98304:Yg1y8VpuJVX9wmPqE2kmggcjIV6IldYpJJtYkCufNSAkLCjzLi:Hy8VpuJVrqE2k9gcjI1EJSkCuVSBC/+
Score7/10-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Defense Evasion
Foreground Persistence
1Hide Artifacts
1User Evasion
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
Process Discovery
1System Information Discovery
1System Network Configuration Discovery
1