Analysis

  • max time kernel
    5s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
  • submitted
    10/01/2025, 22:01

General

  • Target

    8dde4175208409616454647991f27384b94f529f6740285bbb9561c07dbd0af1.apk

  • Size

    1.6MB

  • MD5

    9247b93b661123710d406698ca236f5b

  • SHA1

    e31798395d56ea9451d408001be4171dfcdf0a48

  • SHA256

    8dde4175208409616454647991f27384b94f529f6740285bbb9561c07dbd0af1

  • SHA512

    dcece60635af1bdacac3411e3f308c56d071e8cbbb25358f3a6bf6b6c6fa22dfe8c1efc9890c6819e4a4a24421ad3047fbbb631727b7dfa8afe7ae62b82507ff

  • SSDEEP

    49152:cD+nnWUIxonZzsnK1jYHtKnDzPAGsYGABIs/G+TB6BrRA441tGX3CJX91L10:cIWF2zsnK1utKDps3ABIL+16tRJ414Xt

Malware Config

Extracted

Family

octo

C2

https://otorisotobuyukisyan.xyz/MzhiMTg0NTAwOTY5/

https://otorisotomakineler.xyz/MzhiMTg0NTAwOTY5/

https://otorisotoyukselishik.xyz/MzhiMTg0NTAwOTY5/

https://otorisotokontrol.xyz/MzhiMTg0NTAwOTY5/

https://otorisotomucadele.xyz/MzhiMTg0NTAwOTY5/

https://otorisotodunyasiyasi.xyz/MzhiMTg0NTAwOTY5/

https://otorisotogelecek.xyz/MzhiMTg0NTAwOTY5/

https://otorisotoveintikam.xyz/MzhiMTg0NTAwOTY5/

https://otorisotouyanisi.xyz/MzhiMTg0NTAwOTY5/

https://otorisotomakineleri.xyz/MzhiMTg0NTAwOTY5/

https://otorisototarihiyolu.xyz/MzhiMTg0NTAwOTY5/

https://otorisotoinsani.xyz/MzhiMTg0NTAwOTY5/

https://otorisotogucoyunu.xyz/MzhiMTg0NTAwOTY5/

https://otorisotopaylasim.xyz/MzhiMTg0NTAwOTY5/

https://otorisototeknoloji.xyz/MzhiMTg0NTAwOTY5/

https://otorisotomakinasanati.xyz/MzhiMTg0NTAwOTY5/

https://otorisotoplatform.xyz/MzhiMTg0NTAwOTY5/

https://otorisotomucadelesan.xyz/MzhiMTg0NTAwOTY5/

https://otorisotoarastirmasi.xyz/MzhiMTg0NTAwOTY5/

https://otorisotounutulmaz.xyz/MzhiMTg0NTAwOTY5/

rc4.plain

Signatures

  • Octo

    Octo is a banking malware with remote access capabilities first seen in April 2022.

  • Octo family
  • Octo payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs

Processes

  • jp.neoscorp.android.valuewallet.sole
    • Loads dropped Dex/Jar
    PID:4930

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/jp.neoscorp.android.valuewallet.sole/app_gesture/QPXrsB.json

    Filesize

    153KB

    MD5

    3324df26b8e397c2aeec68f647670f97

    SHA1

    6764ea7bdb4bf17304a9ef7bba62ca9f4375252c

    SHA256

    91e3cf490da694f7303c4e84918cbf3adf3d6ef04fa4e31556ec65ad7988c3f6

    SHA512

    6ba19fa2c5a2ce2f3bdd421dfc95361a72fde4b09b207dfe04d6b5f8eadfc0b7a2e27689c3eccfca7c3fc36da18b9ff80b37d02bebf6743e9d0476863627e57a

  • /data/data/jp.neoscorp.android.valuewallet.sole/app_gesture/QPXrsB.json

    Filesize

    153KB

    MD5

    eac8f7f826a346e53a156c81bec1291b

    SHA1

    36f4e2e0a40c41b647a173bb24dfada64382303b

    SHA256

    f0670a5bb81e1031b13e406a0fc83d35bf7fbefcb11000b1a9e70e536bb60cd4

    SHA512

    63e4bd29922f311fef2ca53924a7f43279d822630df9df322b2e6f225580a02a56c14961c9e19a8fe89ec7506239e67e9e21b12fd4f45961ebd4b8dd86f95284

  • /data/user/0/jp.neoscorp.android.valuewallet.sole/app_gesture/QPXrsB.json

    Filesize

    450KB

    MD5

    2b1a579650b99b4bae11ba1bf6cacc74

    SHA1

    517703dcb8e0a4ddc73e7e1e32dabf9f6dc4bfa9

    SHA256

    e7d9dff9205346302f6f2dc2b328dcd711eeb013f1c32fa364b7cfe30af071e1

    SHA512

    2329400627195904240b65d1069e10bbd5b71544b4fe8e4f040021d12396853f1d7b0cb6dace00874dde5753138f6c0260b45f4bf404db1204a367765b2c123e