Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

6df98f4c4b...d8.apk

android-13-x64

10

6df98f4c4b...d8.apk

android-9-x86

10

base.apk

android-13-x64

10

base.apk

android-9-x86

10

Analysis

  • max time kernel
    6s
  • max time network
    30s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    21/03/2025, 17:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6df98f4c4b1a9c147a996854b9624d51828585fdabb6be0b56014d874d9f24d8.apk

  • Size

    6.9MB

  • MD5

    6f60dce97fd9ec8b39dae1e662fc2918

  • SHA1

    3285afaff80673b937235e026492796cc6b36afe

  • SHA256

    6df98f4c4b1a9c147a996854b9624d51828585fdabb6be0b56014d874d9f24d8

  • SHA512

    de0be2b2792ec19f4c68e44435cba426b6a58844fbed9f4b7876f5ba0286359a7ca28dcb7310948346087226b7f267c5b6f21be4d7a8a52cee26ff7339c6780a

  • SSDEEP

    98304:uDd2ZrWHFb3eMkRbAYMl6oUAuxDCWrauCY53h6bnl2C4mbgjFfyZGHsaGsiLQNNt:Q3AR/oUASWY53kaXiLqNkmrt

Score
10/10
tanglebotevasioninfostealerspywaretrojan

Malware Config

Signatures

  • TangleBot

    TangleBot is an Android SMS malware first seen in September 2021.

    trojaninfostealerspywaretanglebot
  • TangleBot payload 1 IoCs
  • Tanglebot family
    tanglebot
  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion

Processes

  • com.person.bar
    1⤵
    • Loads dropped Dex/Jar
    PID:4335
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.person.bar/app_DynamicOptDex/etr.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/com.person.bar/app_DynamicOptDex/oat/x86/etr.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4360

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.person.bar/app_DynamicOptDex/etr.json
    Filesize

    1.8MB

    MD5

    0714d8e43f0895b0e272d7c5fd619917

    SHA1

    3617c51e66309e59a882c9d4741836e25c4c0ca4

    SHA256

    931a6b1a7441862f09292edd61f5f8c20c19d2187079680089852c919d467424

    SHA512

    4abc3b710e5d5c73e96c369344cb02943a440c1a8827c3620f338c3a4175e3682c55022722bcafd5b5e91fc0ada019d0705ca73ce711459002cfe3795f56b6b9

    Download Submit

  • /data/data/com.person.bar/app_DynamicOptDex/etr.json
    Filesize

    1.8MB

    MD5

    65c94b8629a9875899398fae8df316cf

    SHA1

    74753ad794a58982907b8b667ff8581836f9a0f9

    SHA256

    d4b6e69b6a3185ad41f58fee3f9afd68c48c1c988bb85900c999aee55d80e0b0

    SHA512

    50105fb08693607ee0e894f8abb5c79c21de88676f80576f5410da1258ab92f241d703501dfc02c37f024e97497918f8a7327e26237fa53ec68f99974ef57436

    Download Submit

  • /data/user/0/com.person.bar/app_DynamicOptDex/etr.json
    Filesize

    4.4MB

    MD5

    f44c776a321d667e5fd88bb3d2fec909

    SHA1

    9d93f58a7de02a99402e31ae9e7783fdc692f097

    SHA256

    246cd9b0b122c604c32d0ab90c4e5c8b2b511e69517e9cee238d0d5d5d56167c

    SHA512

    201b87cad7afc0052e7c81d1b79db46b3b9929f6e85b3cb2591b8d5356a41a302aede72d2bd5805c395473a5f7941fe014e42162f0bf8f61f908d6bede569137

    Download Submit

  • /data/user/0/com.person.bar/app_DynamicOptDex/etr.json
    Filesize

    4.4MB

    MD5

    dae70994c5e4bebf0cbe276586cad230

    SHA1

    b294bdba96cda0cc4c65a2a7e6a10d24596d7c7a

    SHA256

    b98aae5fc5a57910a3a766c407260ed5e45c32973f4f166bbc64128bc2ebc4d3

    SHA512

    e944073fdf007d467556b45330347814d822fbc7f9510ca0be86933e27d4c48d9c8b2edb2830c6432713d0b1317546a6733f4338c33e1df1fedb0af625d74685

    Download Submit