Analysis
max time kernel: 138s
max time network: 156s
platform: android_x64
resource: android-x64-20240221-en
resource tags: android arch:x64 arch:x86 image:android-x64-20240221-en locale:en-us os:android-10-x64 system
submitted: 20/04/2024, 20:23
Static task: static1
Behavioral task: behavioral1
  Sample: fd921f51fc6c528da02dc8dd02d16336_JaffaCakes118.apk
  Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
  Sample: fd921f51fc6c528da02dc8dd02d16336_JaffaCakes118.apk
  Resource: android-x64-20240221-en
Behavioral task: behavioral3
  Sample: UPPayPluginEx.apk
  Resource: android-x86-arm-20240221-en
Behavioral task: behavioral4
  Sample: UPPayPluginEx.apk
  Resource: android-33-x64-arm64-20240229-en
General
Target: fd921f51fc6c528da02dc8dd02d16336_JaffaCakes118.apk
Size: 8.3MB
MD5: fd921f51fc6c528da02dc8dd02d16336
SHA1: 9d6c6549086fa7fd74cf1973293b75229298b40b
SHA256: 3cbdfd9dc638f69c49792dbdb91632be06f9169b34a42d9d8fcd44f8aab1f660
SHA512: d4d16b6d71a6d7f706aa1fe0bb790921bb550bddd18e2e6cc38d6d0e08c276a58df045874974a91a1eb029ed9d24100daaf125292100c487fcc64fdee11d51e0
SSDEEP: 196608:fJS0fjI4fjefjOfjufjkcKa7koXrrOlWUz:fFf04f6fifKfHyz
Malware Config
Signatures
Requests cell location (1 TTPs, 1 IoCs)
Uses Android APIs to get the current cell location.
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; process: com.yl_sport.ui
Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information which indicates whether the system is an emulator.
  description: File opened for read; ioc: /proc/cpuinfo; process: com.yl_sport.ui
Checks memory information (2 TTPs, 1 IoCs)
Checks memory information which indicates whether the system is an emulator.
  description: File opened for read; ioc: /proc/meminfo; process: com.yl_sport.ui
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: com.yl_sport.ui
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.yl_sport.ui
Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getScanResults; process: com.yl_sport.ui
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: com.yl_sport.ui
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.yl_sport.ui
Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.yl_sport.ui
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
Reads information about the phone network operator. (1 TTPs)
Uses Crypto APIs (might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.yl_sport.ui
Processes
com.yl_sport.ui (PID: 5113)
  - Requests cell location
  - Checks CPU information
  - Checks memory information
  - Obtains sensitive information copied to the device clipboard
  - Queries information about the current Wi-Fi connection
  - Queries information about the current nearby Wi-Fi networks
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available
  - Uses Crypto APIs (might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads