General

  • Target

    LrdDdoserAndroid.zip

  • Size

    3.7MB

  • Sample

    250201-wms4tatncz

  • MD5

    779cb017624a1d769f19246386d640e1

  • SHA1

    9ef872f9f15feab2e8663921f227416ec1f19243

  • SHA256

    e31bb84862eeb99d7db0337836964b27790c31ba5d8d33a2a5ec42483f91ddd9

  • SHA512

    985a5e417b632c34dc5851ac710b91e01a2badfeb6101d41cf951d9a9cd61e1a477221f89c255a70546cb2990ac8b4897c396e1169e048ee194ca48a8ff0f1c0

  • SSDEEP

    98304:2+1drFzinMRAG8RUa52lPAiXADr1sS8iyjJ04QuNIRo:2uN8MR9eUa5uY3Dr1eJuoN3

Targets

    • Target

      info.inf

    • Size

      91B

    • MD5

      6e71982eb22aa426cc129cf8a613af61

    • SHA1

      9ffc5b2a37777757f3ce41b7f12dedbcb695cc43

    • SHA256

      72ad18846c2b671fd68df0cf598ad41427677b1a021012a8dad638ba7a04cd69

    • SHA512

      60698ddf707a9b4a1855b0153cc7c394112a8987614f453fe4b90ea883f493d07d188f472c977bfabd2a6691b705fb8df31e9e7ddfc76b1eac4865c1e2771acc

    • Score

      1/10

    • Target

      ready.apk

    • Size

      9.5MB

    • MD5

      d0b1a5dcb4b3bf75ae066aa0c6586a30

    • SHA1

      4f5d12866d66e37a103f77f6063b4181bd9db0d3

    • SHA256

      91652ab38904ea524575639e73c303b76c7547889df974045e109c6cc7b3978a

    • SHA512

      d7787e6f893ba2e993a739860c5aef0e8c68c8cf0079bdfed8e03022a4c99e15c8172dc477f28029faad26d5b9bedd15e796fd31599e7c9be81c25b424be5a1d

    • SSDEEP

      98304:AlA+F4ZOZXI7ilRhDBJTNaFLxi1ee5dgcMhsJ7jamz/zzBHTs0tchl70c:AlAGqmrJdJTUx4ee5unsFVz/9/8

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Locks the device screen

      Application may abuse the framework's APIs to lock the legitimate user out of the device.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Target

      ready.apk.idsig

    • Size

      81KB

    • MD5

      b2a543638494122e92d5d630115edb24

    • SHA1

      8e25e5a4b6e8cf7e0e2eba6949fc38ef0052123b

    • SHA256

      e2bb1e65aed3b43f13ca8a7734758dfda8171ad6f1ebb4de041bda6539f3e4df

    • SHA512

      a4490edeb631330c230c709581e07ba7c46ddb34e3a2a97ab62edabc9a2fe2b858eb3e2f1afb56e24498db03de02f27d97a9564a3f59da2851103bf13ebb3bad

    • SSDEEP

      768:U2JReM8fTUqLGfo/a//E/DfwRstnyAP75rEAoC0yLkzs4r/F3:nR8fTU1Uoc/IslyA4C+z

    • Score

      1/10
