[Sample Request][Android] Triada Buried in Leagoo Firmware

Posted: Mon Jul 01, 2019 9:25 am
by ZevinZenph
Hello,

Recently I came across a relatively old article describing malware dubbed Triada that was able to be buried in the firmware of Leagoo products. I've searched for the sample on multiple sources like hybrid-analysis and malwaretips, but to no avail. Would anyone in possession of the sample mentioned below mind sharing the file here? Thanks!

Sample I'm looking for: https://www.virustotal.com/gui/file/970 ... 4940c5e93b

-ZevinZenph

Re: [Sample Request][Android] Triada Buried in Leagoo Firmware

Posted: Mon Jul 01, 2019 2:10 pm
by FakeAVHunter
I searched and I searched, and the Android Triada APK is a multiple accounts :crying: :crying: :crying:
I found it in an infected APK store, so here you have it; I hope it is correct.

Re: [Sample Request][Android] Triada Buried in Leagoo Firmware

Posted: Mon Jul 01, 2019 3:17 pm
by ZevinZenph
Thank you for your genuine help! But I'm sorry to say that I guess it's probably not what I'm looking for, according to the public analysis from Dr. Web. I'm sure the file I'm looking for is quite difficult to find since it's not only an ELF shared library but presented in compromised OEM firmware instead of APK packages freely available around the internet.

Edit: I forgot to put the analysis mentioned above here.
https://news.drweb.com/show/?i=10299&c=5&lng=en&p=0
It's an interesting sample that I'd enjoy dissecting later. c:

Still a big thanks for your precious time and effort! c:

Re: [Sample Request][Android] Triada Buried in Leagoo Firmware

Posted: Tue Jul 02, 2019 4:31 pm
by Antelox
BR,

Antelox

Re: [Sample Request][Android] Triada Buried in Leagoo Firmware

Posted: Wed Jul 03, 2019 6:01 am
by ZevinZenph
Thank you so much, Antelox! c:

Please mark this thread as completed. Thanks!