Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
29s -
max time network
25s -
platform
android-13_x64 -
resource
android-33-x64-arm64-20240910-en -
resource tags
-
submitted
21/03/2025, 16:53
General
-
Target
176c15abd8129000e3aca8533e284861787a531e33ea0880de5653769ebaa218.apk
-
Size
8.2MB
-
MD5
55b16a8cc81fca626083e08630c79f73
-
SHA1
cc4446fc2563a72f3a1174ae950a8de27f7a72c9
-
SHA256
176c15abd8129000e3aca8533e284861787a531e33ea0880de5653769ebaa218
-
SHA512
c909ccacfee40f677ed89407248832e53fdb0c135e5dda375201b45782fdf357d411fbe5f1609926edb3283c46c16a3905479a68fe3589e9a8ea59ac78564a14
-
SSDEEP
98304:IT3Azfy9xAcCJla+YmAtgOJvIK2RRb8OpRTqiaWG9Mt8sraryz9Hhuww/IC/vS+G:pfEqJoLftgO1Qj98Nz+zzuwi/q+96iK
Malware Config
Signatures
-
Antidot
Antidot is an Android banking trojan first seen in May 2024.
-
Antidot family
-
Antidot payload 1 IoCs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.fonajo.encrypt1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Checks the application is allowed to request package installs through the package installer
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
593KB
MD585f35c08e102fb2a9d1451a408d5d973
SHA188b9244d1f245ccee803a386db9ba1e09a2f49c7
SHA25623294ed9676ecb2a60c111176c39cb49c177399f6ce0cd5e3a3fb6584886bf17
SHA512fee9ce329e3c4ec6e8cc8338e99c2a16e9e5d9578c46e7949a7e13233b6a844177be84cdfdebd976613af1b80c15bc4f01b9c4ad70164b2f749d9e371752fb1c
-
Filesize
593KB
MD5329d7b99cecd798fbe4e4885296b14c9
SHA110c820e42ae340b3df4ecc31149402169b62dbd4
SHA256607ce1608b77c6cb99af104864408c0d76e7541ef35344f174d74e9034f2aa97
SHA51250ce84b9aa3915a250a8140e5d28a09c6e43c97013dc4d254fda70ccbc1f5b70010c93aa7c8f4fa5bfd6a6c5d94d523f7167d4866a0fcdce298f06539038d626
-
Filesize
29KB
MD50e1f74eac2c2508267405189e72a0e96
SHA178a0b8c162f29794f9302e693b4fbe9b36cc775c
SHA256de0e1db248dbf7aa2c53915ec90ad427ff55da38385a260201ad84e7cdaca290
SHA512a856a8ee77ce7bc1b2d462ac408a077346b63a0c8681d83de1488b1e1b0932833a5c5169f6ba8486f801259d8ec2a6c02e7f872ba98d0e29ac9fc4f5a1105091
-
Filesize
24B
MD5ee60694aca917c33e2982676f6e0255a
SHA12bd59a69a1382b45292c1f5b9c40aac9a541c17e
SHA256a1afa06a1bdee7883c25af7aa44b4f2b98ea04d3ae963c3c441a98b85840c27a
SHA51272558c2d254287664f55155adefca1128f0d9bf957fc528a84e1370c6e0fce8416f575c9ae740099d04dc1f2bd8765dab563e3093899fe4cb922a75a80276f76
-
Filesize
8B
MD5e37d62159462b9f49d5a860b96e6a18b
SHA1cb65aba5ff2ac47d497f3864f45cb4bcc92b4659
SHA25614735db8eae8cb69d8b47bdffa810aa085a75179bf70ff817aec65935a9543a1
SHA5127648c8a99637abc0fc3b4c2365d4f985c17f6df47cbd19d920613d3d894f1e9dba2026315f798e74f54896fad42820c77b2a262a1be004a5a05ca94b95b1a19e
-
Filesize
112KB
MD52140f01197bd5d5abfed212c348d4430
SHA16b959168e894d68405d048ce0db32dae4e6dc3c1
SHA2566f23f92ae73340ae9b0f93e39a1f6f6d0cfb88208e5306605cd98ac82b59c487
SHA512c143c81a6068ff4bc08e8ddb4cf9da84964c3514ef021fe1e17f2448121d6c95c38bd4c5a2251200250b0888b3cc493802720190104457984029fee9c302847f
-
Filesize
512B
MD5ca51f08497f9461c24a44e388e08121f
SHA12a09dacdb84ad2c81d09623731971f31986c4a9b
SHA25600f368b0aa35a5e07806edc90e7cc66d5a8e562620e21b7dca35380a58061789
SHA512d4a191e4be9dc49743adcd83773736ef9a49a80d4b7fd9ef5d762c69506a0defb93bbeafb352a28b8abe4349ecada2a6d52d1a852ed4da98faabc555eceb889d
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
116KB
MD5bad266702e2defde8a871e1ea502bac4
SHA19f3a5f2f1a03d42f1cb02acbee2b5bee1f25ff81
SHA2562d94448fd628049ac9d73bacd82456ca65020307a0e58d863504a4ce39a51466
SHA512b486c811b0f580b8681fdd3e9b62cb05223b4580801ebe5d2b71dc66d432d312eb069997c563eac3e7e02fb4f39f9ed1da7bddba836dbc51bf85f11478f00c73
-
Filesize
426KB
MD54b58c723ea4d99ded6bf2152672c206c
SHA193758c41bd10a0e95bbfef9862f37aefb9613376
SHA25607b6c5701bd79a35eb2eadb64bf6ca4aef01f0839b93999d38c10036861e4cc3
SHA51224d2b3a03449ac750d87b13dc6a02ea6d975fcf7276b7e5a6c68da68115004252129ca3d53e4dafcf60c50fc67e1899021c212b04eb56f7c5595fe3692378757
-
Filesize
16KB
MD5666a37840e6d835b636198c27d4775c0
SHA140f433f6542a72dc999d8eeef4007cf4cfb30fbc
SHA256aa13cc615489aa85c3443de67a38c6341b9b8b633c894a4b618ddfb5a87a63d1
SHA512eb9a56ead55b20858dbd9d348b00093495391a9cd3e024c6adf8ba60d04ed72278a5ba0badc5919bd4a4f141c618935964125beca5a8e3333c5e03f2e32dff02
-
Filesize
1KB
MD5038ae35321cf60ef984a46fb6b50bdb4
SHA1bb67ff1b19f7d962d7c82691cdfa0481bdffaa5f
SHA25629c915f56be12cad077220934a6e9cf5f7ca6c032bc42599d5ffe68742bdcd39
SHA512910389a75f0ea31aea36e8e16e0282a05f6dec7097b7475cfaba22e2b7c41d55d3004462fd3e5e7270e527dcdb0f90ea8ed47092fca8f7838529bf68c62412c2
-
Filesize
1.3MB
MD557184c2ed638d075817a9821087f71f3
SHA114057a7f5bb31232d4a7ad8307e3dab740b8bc96
SHA256c62f01e5df2309e9f4ad21cbcbcc7868e73085fc894ac9d6860a931c4adf4b4a
SHA512d2383bf284b3231f977005f66d777592500e21916bd938b5e36ab18a6e27c36a713ec636615750c10bfd5d9a2ea7186ef2892df1cdb36ba794ebc1a12f96a768