General

  • Target

    0f8f67d22226c471928494591045cba7_JaffaCakes118

  • Size

    19.4MB

  • Sample

    240503-dyagqsdg61

  • MD5

    0f8f67d22226c471928494591045cba7

  • SHA1

    0aac63d8b83e7142b194784c01791a54fb795a2f

  • SHA256

    0b805cbd3f0d409407ae7b2e2ee3f9ea1a6874e19043949989c52f2e2dda2999

  • SHA512

    d76b6509a59407dc3069c73950f34dc034274301b6795465c1e87cc45fc8360cec20152eb0247a694c029d45be84171bcd99ae7803485d37efcd86198001ff20

  • SSDEEP

    393216:ZF+NAYMs803bNuca6hl+RhdE8FXoBAkBUIF2E0V:T+FNO6+DdjYGUUIq

Targets

    • BadBazaar

      BadBazaar is an Android spyware used by the GREF APT group.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Reads information about the phone network operator.

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
