A forum for reverse engineering, OS internals and malware analysis 

 #33028  by ZevinZenph
 Mon Jul 01, 2019 9:25 am
Hello,

Recently I came across a relatively old article describing malware dubbed Triada that was able to be buried in the firmware of Leagoo products. I've searched for the sample on multiple sources like hybrid-analysis and malwaretips, but to no avail. Would anyone in possession of the sample mentioned below mind sharing the file here? Thanks!

Sample I'm looking for: https://www.virustotal.com/gui/file/970 ... 4940c5e93b

-ZevinZenph
 #33029  by FakeAVHunter
 Mon Jul 01, 2019 2:10 pm
I searched and I searched, and the APK Android Triada is a multiple accounts :crying: :crying: :crying:
I found it from an infected APK store, so here you have it; I hope it is correct.
Attachments
pass : infected
 #33030  by ZevinZenph
 Mon Jul 01, 2019 3:17 pm
Thank you for your genuine help! But I'm sorry to say that I guess it's probably not what I'm looking for, according to the public analysis from Dr. Web. I'm sure the file I'm looking for is quite difficult to find, since it's not only an ELF shared library but is present in compromised OEM firmware instead of APK packages freely available around the internet.

Edit: I forgot to put the analysis mentioned above here.
https://news.drweb.com/show/?i=10299&c=5&lng=en&p=0
It's an interesting sample that I'd enjoy dissecting later. c:

Still a big thanks for your precious time and effort! c: