Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
09/01/2025, 18:18
General
-
Target
JaffaCakes118_cee4b1fae8a45502d106a200593a9125.apk
-
Size
3.7MB
-
MD5
cee4b1fae8a45502d106a200593a9125
-
SHA1
627ef79b459b7e4c001ec298e7fae9f82f16fc97
-
SHA256
486d6a713d8c907df70a919729ac685328ab91a8977c2e352165640c4bd4d507
-
SHA512
8ce3d4580af1855f39bc4714490731ff4414b0d425dacfc64055b1fd0618495149d148fdcdcfab66c47542d63ab0c7af80a056a8f3faf506b5e0899526bd8087
-
SSDEEP
98304:S6YFtCZdYrO7+d00Vs18LnORE/TRZWT1wS/j3uoz:S6QCzYrOw00ayTPLTWT/5
Score
10/10
Malware Config
Extracted
Family
oscorp
Botnet
21070TCZ8Z
Signatures
-
Oscorp
Oscorp is an Android stealer that targets multiple financial information first seen in Feb 2021.
-
Oscorp family
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Makes use of the framework's Accessibility service 4 TTPs 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Requests enabling of the accessibility settings. 1 IoCs
Processes
-
hrevxqea.hgistuqw1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's Accessibility service
-
.Geny221⤵
- Requests enabling of the accessibility settings.