Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

176c15abd8...18.apk

android-9-x86

176c15abd8...18.apk

android-10-x64

10

176c15abd8...18.apk

android-11-x64

10

sitiriviyapi.apk

android-9-x86

sitiriviyapi.apk

android-10-x64

10

sitiriviyapi.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    21/03/2025, 16:56 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    176c15abd8129000e3aca8533e284861787a531e33ea0880de5653769ebaa218.apk

  • Size

    8.2MB

  • MD5

    55b16a8cc81fca626083e08630c79f73

  • SHA1

    cc4446fc2563a72f3a1174ae950a8de27f7a72c9

  • SHA256

    176c15abd8129000e3aca8533e284861787a531e33ea0880de5653769ebaa218

  • SHA512

    c909ccacfee40f677ed89407248832e53fdb0c135e5dda375201b45782fdf357d411fbe5f1609926edb3283c46c16a3905479a68fe3589e9a8ea59ac78564a14

  • SSDEEP

    98304:IT3Azfy9xAcCJla+YmAtgOJvIK2RRb8OpRTqiaWG9Mt8sraryz9Hhuww/IC/vS+G:pfEqJoLftgO1Qj98Nz+zzuwi/q+96iK

Score
10/10
antidotbankercollectioncredential_accessdefense_evasionevasionexecutionimpactinfostealerpersistencetrojan

Malware Config

Signatures

Processes

  • com.fonajo.encrypt
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Checks the application is allowed to request package installs through the package installer
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4762

Network

  • flag-au
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.200.46
  • flag-au
    DNS
    www.youtube.com
    Remote address:
    1.1.1.1:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    172.217.169.78
    youtube-ui.l.google.com
    IN A
    216.58.204.78
    youtube-ui.l.google.com
    IN A
    172.217.169.46
    youtube-ui.l.google.com
    IN A
    216.58.201.110
    youtube-ui.l.google.com
    IN A
    142.250.187.206
    youtube-ui.l.google.com
    IN A
    216.58.213.14
    youtube-ui.l.google.com
    IN A
    142.250.187.238
    youtube-ui.l.google.com
    IN A
    142.250.200.46
    youtube-ui.l.google.com
    IN A
    142.250.178.14
    youtube-ui.l.google.com
    IN A
    142.250.180.14
    youtube-ui.l.google.com
    IN A
    142.250.179.238
    youtube-ui.l.google.com
    IN A
    172.217.16.238
    youtube-ui.l.google.com
    IN A
    142.250.200.14
    youtube-ui.l.google.com
    IN A
    216.58.212.206
    youtube-ui.l.google.com
    IN A
    172.217.169.14
  • flag-au
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.200.14
  • flag-au
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.178.8
  • 142.250.200.46:443
    tls, https
    920 B
     40 B
     1
    1
  • 142.250.200.46:443
    android.apis.google.com
    tls
    999 B
     4.5kB
     8
    7
  • 142.250.200.46:443
    android.apis.google.com
    tls
    2.5kB
     6.0kB
     11
    10
  • 172.217.169.78:443
    www.youtube.com
    tls
    2.1kB
     8.4kB
     18
    15
  • 142.250.200.14:443
    android.apis.google.com
    tls
    2.6kB
     6.0kB
     12
    11
  • 142.250.178.8:443
    ssl.google-analytics.com
    tls
    1.3kB
     6.2kB
     9
    8
  • 216.239.36.223:443
    520 B
     10
  • 216.239.36.223:443
    tls, https
    128 B
     40 B
     2
    1
  • 142.250.200.1:443
    tls
    135 B
     40 B
     2
    1
  • 216.58.212.193:443
    tls
    135 B
     40 B
     2
    1
  • 216.239.36.223:443
    tls, https
    128 B
     40 B
     2
    1
  • 216.239.36.223:443
    tls, https
    128 B
     40 B
     2
    1
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.200.46

  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    www.youtube.com
    dns
    61 B
     335 B
     1
    1

    DNS Request

    www.youtube.com

    DNS Response

    172.217.169.78
    216.58.204.78
    172.217.169.46
    216.58.201.110
    142.250.187.206
    216.58.213.14
    142.250.187.238
    142.250.200.46
    142.250.178.14
    142.250.180.14
    142.250.179.238
    172.217.16.238
    142.250.200.14
    216.58.212.206
    172.217.169.14

  • 172.217.169.78:443
    www.youtube.com
    https
    1.4kB
     54 B
     1
    1
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.200.14

  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    70 B
     86 B
     1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.178.8

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.fonajo.encrypt/app_giraffe/PhfdZ.json
    Filesize

    593KB

    MD5

    85f35c08e102fb2a9d1451a408d5d973

    SHA1

    88b9244d1f245ccee803a386db9ba1e09a2f49c7

    SHA256

    23294ed9676ecb2a60c111176c39cb49c177399f6ce0cd5e3a3fb6584886bf17

    SHA512

    fee9ce329e3c4ec6e8cc8338e99c2a16e9e5d9578c46e7949a7e13233b6a844177be84cdfdebd976613af1b80c15bc4f01b9c4ad70164b2f749d9e371752fb1c

    Download Submit

  • /data/data/com.fonajo.encrypt/app_giraffe/PhfdZ.json
    Filesize

    593KB

    MD5

    329d7b99cecd798fbe4e4885296b14c9

    SHA1

    10c820e42ae340b3df4ecc31149402169b62dbd4

    SHA256

    607ce1608b77c6cb99af104864408c0d76e7541ef35344f174d74e9034f2aa97

    SHA512

    50ce84b9aa3915a250a8140e5d28a09c6e43c97013dc4d254fda70ccbc1f5b70010c93aa7c8f4fa5bfd6a6c5d94d523f7167d4866a0fcdce298f06539038d626

    Download Submit

  • /data/data/com.fonajo.encrypt/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    60fcdc67edf43d42d2067648db4d89f6

    SHA1

    03bfc85bc6f7969e69881bd873663ebb75d9e583

    SHA256

    a445f6f7fe5b85f7743774749445355a7c8edf60d370e32b80e69541235d147f

    SHA512

    0e3962c36bb4f062629eab5287c2f32a9150ba5f20d687825d1fd3536240713f3ca208fcef6158ea34ac707f4dee5ab8c296d75dc07c09919fa4edbc8bb6d913

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb
    Filesize

    184KB

    MD5

    a8b65f2dc97f604052c6f4b46dc70195

    SHA1

    195c88cc0e11067adbbaf9ef95ebfd85f16ef06d

    SHA256

    945973874db0089e89aff4fe273e08dc3443c51bbab646220cec75d9f0a01976

    SHA512

    6c81e019edd63ab319cbfdd904f7c30f9eda16a46f2607c66d2bbddd83d6e859b1b62bb18b54eda7f643d058592d0650ae6a858f59e96ad1eb7de8792632ce24

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb-journal
    Filesize

    512B

    MD5

    99afa84c028f2677351d4c9baf485649

    SHA1

    6d2b000d7922faf256e6b1488d5e9252a7381746

    SHA256

    76c4acc235aeffc58c346b7fddbdca7d05a4bc2d5ed37aee7621b80d17760dc3

    SHA512

    27329639ad8f084be38fde03fec389da3b9c3e34dd8f07e1e313c1ce7aa56b573f7872f0dfd7602165cb91a03a46034929b5fa977f20f71a78c7e6237ae43788

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb-wal
    Filesize

    422KB

    MD5

    8c153f80626d4c40d8a6144fb66bc21c

    SHA1

    102734d1808a30793ae12e4b5aaab1bc93adef24

    SHA256

    388ec0680db32acc931407655d04909be37ddf514430e8e968a0fb1d4c6f4881

    SHA512

    431141121650ec85482066e3a4256733eb17ec3f6078d2b9a371b663f36a79e4821b7e3c1e9c0e151625bf284265ee269afee742708b58cca02ea825726b32f0

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb-wal
    Filesize

    16KB

    MD5

    f674adf43ff9228a29c59843fd03b79b

    SHA1

    fa55b4c54eeec987a000fd740ea57bfd75bb7c29

    SHA256

    911f3294d272a7b9c4e213112512cf3222703f69b7cd956ea5a1dccc41c8a25e

    SHA512

    0814193eefa3080187b51ac755d2ccb62a874fdc09241e2b4824c8e60b7a5faf9a1c4f211d7455fa63bbdd2b12a470f3386aeec2185ce65a96864daf1c24da82

    Download Submit

  • /data/data/com.fonajo.encrypt/no_backup/androidx.work.workdb-wal
    Filesize

    116KB

    MD5

    206490127ea2fd1461cf8cedf6833c73

    SHA1

    535cef7af09907f9187fd7a97d15fdd03a3172a1

    SHA256

    4c49ed32a6c4ac6de62d545fcc5a1b8bdb3e277271fbc04e73bbc7ef276ce457

    SHA512

    4f181e41e55dd664681cac587c50eeae697f68f5aa731bda7c3a119512e63c0261a2c3d5839cebc7af90c1477f1bb977a691306bd1cfc39ada8d012066c6131d

    Download Submit

  • /data/misc/profiles/cur/0/com.fonajo.encrypt/primary.prof
    Filesize

    1004B

    MD5

    210bf258dd5d3b323f5d2d0c092e630a

    SHA1

    b78713669eebd9b495ce45ec5847e13ed517ccf3

    SHA256

    970530fbfea991d8ff48c10cd2947b8973e4902086f08d80f793262bd5101eed

    SHA512

    0fec4a63f9f051037f609c279b11a610c0764d76d33217b1b87450131c2b090830d66300f0b0916ecb22a9824f2ddd12e1916bed60081f5091773b35b57738f5

    Download Submit

  • /data/user/0/com.fonajo.encrypt/app_giraffe/PhfdZ.json
    Filesize

    1.3MB

    MD5

    57184c2ed638d075817a9821087f71f3

    SHA1

    14057a7f5bb31232d4a7ad8307e3dab740b8bc96

    SHA256

    c62f01e5df2309e9f4ad21cbcbcc7868e73085fc894ac9d6860a931c4adf4b4a

    SHA512

    d2383bf284b3231f977005f66d777592500e21916bd938b5e36ab18a6e27c36a713ec636615750c10bfd5d9a2ea7186ef2892df1cdb36ba794ebc1a12f96a768

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.