General
-
Target
fda84cc4843857a7177585b90e6fdbfc08b2285ce845de640fcb172e2e650912.bin
-
Size
2.1MB
-
Sample
250202-1zwgxssjgl
-
MD5
172f3b1c92bf751c045edd590f4e8564
-
SHA1
d3f4be4eec491edaa1c6e05c946b09ee9957affe
-
SHA256
fda84cc4843857a7177585b90e6fdbfc08b2285ce845de640fcb172e2e650912
-
SHA512
d575b91cce3fbef39439f346ffa023d1f284c4dae002b54555e74fcb1a4ee5bed6d4ef8c2a94deae643e3b4185f3d0605e0ac44ea1f97b7b796ca34bf97f3f20
-
SSDEEP
49152:eyAhOXQLFHlMNIIaqDoCDedB5X2D6jSkrBLeeoq5im6BCWTalV4C/046:GhM5NI1qMXdB5s6+kVLeeo4i9Bk3Lj6
Static task
static1
Behavioral task
behavioral1
Sample
fda84cc4843857a7177585b90e6fdbfc08b2285ce845de640fcb172e2e650912.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
fda84cc4843857a7177585b90e6fdbfc08b2285ce845de640fcb172e2e650912.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
fda84cc4843857a7177585b90e6fdbfc08b2285ce845de640fcb172e2e650912.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
hydra
http://playstoresgooglese.net
Targets
-
Hydra family
-
Hydra payload
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Performs UI accessibility actions on behalf of the user
The application may abuse the accessibility service to prevent its removal.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests enabling of the accessibility settings.
-