Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

21ef9f627c...18.apk

android-9-x86

8

21ef9f627c...18.apk

android-11-x64

8

kyx_data.apk

android-9-x86

kyx_data.apk

android-10-x64

kyx_data.apk

android-11-x64

AdServer.apk

android-9-x86

analytics_core.apk

android-9-x86

1

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21ef9f627c66c4f6251acc77d77a9184_JaffaCakes118

  • Size

    28.3MB

  • Sample

    240507-13w8maad8z

  • MD5

    21ef9f627c66c4f6251acc77d77a9184

  • SHA1

    db95724ed1f48091d5bfe5e06b0596fb1c3fc31d

  • SHA256

    5c52b85f7fe918be44cf6a6a94b6c976ea479c47531594cbb5a699ebb1a73a60

  • SHA512

    a54ca1aa75ba56140bbd53af2640ebef8bb52714ab02fd85dbd0d04b88e06220d5a1a66913241fe237c42938db3ef155df2d6f650e6f5edccac74423ca71bb4e

  • SSDEEP

    786432:espzy53PGH4odQD35ziCJh9Vip+e9/mNSV6rAqJI5LLHH/:S3YfEgCT9h2/mBI5Lb

Score
10/10
privateloaderandroidbankercollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      21ef9f627c66c4f6251acc77d77a9184_JaffaCakes118

    • Size

      28.3MB

    • MD5

      21ef9f627c66c4f6251acc77d77a9184

    • SHA1

      db95724ed1f48091d5bfe5e06b0596fb1c3fc31d

    • SHA256

      5c52b85f7fe918be44cf6a6a94b6c976ea479c47531594cbb5a699ebb1a73a60

    • SHA512

      a54ca1aa75ba56140bbd53af2640ebef8bb52714ab02fd85dbd0d04b88e06220d5a1a66913241fe237c42938db3ef155df2d6f650e6f5edccac74423ca71bb4e

    • SSDEEP

      786432:espzy53PGH4odQD35ziCJh9Vip+e9/mNSV6rAqJI5LLHH/:S3YfEgCT9h2/mBI5Lb

    Score
    8/10
    bankercollectiondiscoveryevasionpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery
    behavioral1behavioral2

    • Target

      kyx_data

    • Size

      3.6MB

    • MD5

      7b303ed0278ecd45e9dfd24ac7585fe6

    • SHA1

      618a10ab980dbf76a90c09d3e7579aafccf85040

    • SHA256

      a5d7512b741107d6279d08556ad5baee40efac5e0ca0259f0f434daa0e5efdce

    • SHA512

      c6d3b08d7f2deebd3a816ee6e61da1562ceb4460bd26c1ee4945824affc9710996fde7a16b0d9ce5241f3010b89d4c1d5ccebabea2809f87ee448b83b5fecc0a

    • SSDEEP

      98304:XCLBOUCaA30tumBfOs9E0gjzOiu0aePJ8yQ04gQWaqdbYWM:4d8kFfS0gjTu0HK84gQWaGm

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      AdServer.apk

    • Size

      1.1MB

    • MD5

      ea9fc2de2713d361828a7165d3f03143

    • SHA1

      3b224e1a4d0c48490a1a59658ba65f544d9d94f5

    • SHA256

      6ba8f554ff53f40d4e822a19dd0861dbb9216223de8e6080dd21797693cade2a

    • SHA512

      a5294c01891c0b3decc69eb71f4be4499c57525b137df0ab7b8e885f00e59a4aacf86048cee212e05311f18e22859f59c1ccf08768b2a4e1a59043bef93bae5c

    • SSDEEP

      24576:sexlNPLCOJqI7efCr8vTbmTttkKilybtQqjAysPf0+Ym4Hf+:zBOU7ear830tup4BQq9awm4Hm

    Score
    1/10
    behavioral6

    • Target

      analytics_core.apk

    • Size

      159KB

    • MD5

      d2e90bb505f20fc73baf25805b0273aa

    • SHA1

      240fbbfda194a65761baed6f3546bc4c744a1850

    • SHA256

      77060ad812f5e6e9e896c39bc548f8295238eaa9941e1986e8e024e7d2114309

    • SHA512

      c2ef3f79b6cfb171b0904ff8138238cbf985344d91d6d9ec35472d14233d1b108cc0234259e8286cbb099747cc8d9d2f74c8c7394ab3a6dcfc2cc95e168c8c85

    • SSDEEP

      3072:/vnDHScqJUCqi8p27PhJkqOjvxSWnNoPuKAaSWk8V4rpCPd7H7sl3eX0emR7KDD:7ScaCioePDaZdnNdFDJCPJoKvmtiD

    Score
    1/10
    behavioral7

    • Target

      gdtadv2.jar

    • Size

      127KB

    • MD5

      6908bde3c0b57a2a5a44acc88d11acfb

    • SHA1

      a4c06ad5d350dffecafcfaf28cc49a2ac8c59b0e

    • SHA256

      526cea1af82164da4519013f0b8df0c7eebb4987cfd66fb59fa04d4560aad460

    • SHA512

      19aec72e94381a846bf5834ad38af5b7701f0d242d33286e8650c15dacdb4e27c9b5fb2222a4f6a657758df1cfebc1862670f568a76b9f1adab535da2a597bb0

    • SSDEEP

      3072:x6aPP2Y+Li8x9zRMCnq9kHC73v/2z/0TMfyhzpzKb/p:xH6LtbnJi72DXyCDp

    Score
    1/10
    behavioral10behavioral8behavioral9

MITRE ATT&CK Mobile v15

Tasks