Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9494d9482b...18.apk

android-9-x86

8

9494d9482b...18.apk

android-10-x64

8

9494d9482b...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9494d9482bcb6f3d07195dfdfd1401c1_JaffaCakes118

  • Size

    254KB

  • Sample

    240402-xrd15aaf55

  • MD5

    9494d9482bcb6f3d07195dfdfd1401c1

  • SHA1

    e9a942a0dbde2269d1c973d38c444ce606802b38

  • SHA256

    29dd9e53a5b10a1ce5825cfee804122d7f6abc5e762d73098fcf5c7b7046ab2c

  • SHA512

    46104046850916074fcceaaaa9944c15b7846d65da74828c30e413eaca565583f733f4fb5f77a1efddfee473040dc616284b69c034434947269554433cd7db55

  • SSDEEP

    6144:byF34N/hBX7g3DWkfaT9O5bjhONLpkHn7id3nq6I:uaN/TLEhfaQ5bjhOpI2dU

Score
10/10
sandroratandroidevasionstealthtrojan

Malware Config

Extracted

Family

sandrorat

C2

0.tcp.ngrok.io:13722

Targets

    • Target

      9494d9482bcb6f3d07195dfdfd1401c1_JaffaCakes118

    • Size

      254KB

    • MD5

      9494d9482bcb6f3d07195dfdfd1401c1

    • SHA1

      e9a942a0dbde2269d1c973d38c444ce606802b38

    • SHA256

      29dd9e53a5b10a1ce5825cfee804122d7f6abc5e762d73098fcf5c7b7046ab2c

    • SHA512

      46104046850916074fcceaaaa9944c15b7846d65da74828c30e413eaca565583f733f4fb5f77a1efddfee473040dc616284b69c034434947269554433cd7db55

    • SSDEEP

      6144:byF34N/hBX7g3DWkfaT9O5bjhONLpkHn7id3nq6I:uaN/TLEhfaQ5bjhOpI2dU

    Score
    8/10
    evasionstealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks