Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Wireshark for android.apk
-
Size
7.1MB
-
Sample
250323-1kd94a1js3
-
MD5
ef14bc95b96003e9b9bafa819ee7443f
-
SHA1
8bfe3f71cc9521a9d40feb16f8250fc3c4d93a58
-
SHA256
9604b2b15ca36ba7e5cf8ef5b0ea9f5f43dfc6b92207a3c11a54033844658c42
-
SHA512
8a7e3f5da878fa7c3896307a91cd320851bec2c19d5c91365b03143d3fcd4a77b4c368983e29886205ffd5a218efe77de984ea966a77e4f51b00272c6b59b705
-
SSDEEP
196608:cBe3RGRqHEDSwhn+deSu/WALr3vVU6lIYEmQ75XdGHPd/hVt2V8:MwRGRqHEDSwZSKP326lIKU5XedtP
Malware Config
Targets
-
-
Target
Wireshark for android.apk
-
Size
7.1MB
-
MD5
ef14bc95b96003e9b9bafa819ee7443f
-
SHA1
8bfe3f71cc9521a9d40feb16f8250fc3c4d93a58
-
SHA256
9604b2b15ca36ba7e5cf8ef5b0ea9f5f43dfc6b92207a3c11a54033844658c42
-
SHA512
8a7e3f5da878fa7c3896307a91cd320851bec2c19d5c91365b03143d3fcd4a77b4c368983e29886205ffd5a218efe77de984ea966a77e4f51b00272c6b59b705
-
SSDEEP
196608:cBe3RGRqHEDSwhn+deSu/WALr3vVU6lIYEmQ75XdGHPd/hVt2V8:MwRGRqHEDSwZSKP326lIKU5XedtP
Score10/10-
888RAT
888RAT is an Android remote administration tool.
-
888Rat family
-
Acquires the wake lock
-
Checks the application is allowed to request package installs through the package installer
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Requests allowing to install additional applications from unknown sources.
-
Requests dangerous framework permissions
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-