Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

fake-virus.apk

android-9-x86

8

Resubmissions

10/03/2025, 15:59 UTC

250310-tfh9xszqy6 10

10/03/2025, 15:54 UTC

250310-tce34azzfx 10

10/03/2025, 15:43 UTC

250310-s55c1szybt 10

10/03/2025, 15:26 UTC

250310-svfa5szthx 10

09/03/2025, 10:13 UTC

250309-l9dbrszwds 10

09/03/2025, 10:10 UTC

250309-l7g7yazwcw 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fake-virus.apk

  • Size

    8.2MB

  • Sample

    250310-s55c1szybt

  • MD5

    e2c4959d4484edd616c056c17de2d037

  • SHA1

    cbf01cde604b32b2096746dcc2101cfff27de569

  • SHA256

    7a77ec98d9117cb74bc0e8122e6dc738a03e14a5d2d3a5e5ce14685b34f32b8c

  • SHA512

    4ae17163878f91dbcc8bb02c7866ba5e965dc4d8c3fdd52d8f4b74954570d7ec8f917581edde0b400f05f9ec5598a2c0144c3a99adac6a1623972289e026a936

  • SSDEEP

    196608:arf3nyG0P3oOMzCu+jXEvL2jsO/itHmsDgn07M/sXVZjSjbZ1:abXjqRMOBXg6/GHmsDg0MEXVJc

Score
10/10
antidotandroidbankerdefense_evasiondiscoveryexecutionpersistence

Malware Config

Targets

    • Target

      fake-virus.apk

    • Size

      8.2MB

    • MD5

      e2c4959d4484edd616c056c17de2d037

    • SHA1

      cbf01cde604b32b2096746dcc2101cfff27de569

    • SHA256

      7a77ec98d9117cb74bc0e8122e6dc738a03e14a5d2d3a5e5ce14685b34f32b8c

    • SHA512

      4ae17163878f91dbcc8bb02c7866ba5e965dc4d8c3fdd52d8f4b74954570d7ec8f917581edde0b400f05f9ec5598a2c0144c3a99adac6a1623972289e026a936

    • SSDEEP

      196608:arf3nyG0P3oOMzCu+jXEvL2jsO/itHmsDgn07M/sXVZjSjbZ1:abXjqRMOBXg6/GHmsDg0MEXVJc

    Score
    8/10
    bankerdefense_evasiondiscoveryexecutionpersistence

    • Checks if the Android device is rooted.

      defense_evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      defense_evasion

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

      defense_evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      defense_evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.