Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
12s -
max time network
150s -
platform
android_x64 -
resource
android-x64-arm64-20240506-en -
resource tags
-
submitted
07/05/2024, 22:11
General
-
Target
21ef9f627c66c4f6251acc77d77a9184_JaffaCakes118.apk
-
Size
28.3MB
-
MD5
21ef9f627c66c4f6251acc77d77a9184
-
SHA1
db95724ed1f48091d5bfe5e06b0596fb1c3fc31d
-
SHA256
5c52b85f7fe918be44cf6a6a94b6c976ea479c47531594cbb5a699ebb1a73a60
-
SHA512
a54ca1aa75ba56140bbd53af2640ebef8bb52714ab02fd85dbd0d04b88e06220d5a1a66913241fe237c42938db3ef155df2d6f650e6f5edccac74423ca71bb4e
-
SSDEEP
786432:espzy53PGH4odQD35ziCJh9Vip+e9/mNSV6rAqJI5LLHH/:S3YfEgCT9h2/mBI5Lb
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell information.
Processes
-
ru.kes.chasinglight1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Requests cell location
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
20KB
MD5e8a3cf1519f76f90fe66482692fb2735
SHA1de43fce34992dbfeb9d216b1ecf45e489c7a67f5
SHA256950dcb46fb427d6c603ddf7b05954f5dcd02840e0a0657a40b71d0d6ebf488f0
SHA51221b0c416e7ad89bb460aa7e8211c626aa20df41bdf46afd10877c6234649bd0a4de301c88af57a7000750a208774e06e2a30340cd9f96947b962f6e9ba112651
-
Filesize
512B
MD5d3618e160870229f3d65ba51bc9bc804
SHA18494876e47ce0d8bcca61d528e0e17c17b511936
SHA256e8ad88726a3b572d4302b5d40e7c9bc30b7d464deb99a37bb8e286a89a2acd1e
SHA5128082738dafd1407813009cf5f67d7f4500f10153e3006e3a0ac3f4b7671d1a316e1d4e132b34878d02ebb498ac5c9f6d02e35779df94e15909279e87b81803aa
-
Filesize
8KB
MD551f36739097193b4c7f2dce558c827d0
SHA1a3cdd94d6e5b011399aa2dfe852e25f0215806a5
SHA2565c86dc7273ea9972ff892f81caa99438039fd73b53d4ce107a18752e65d1d075
SHA5124dc043412185b26cb4726c613c951fa84c39739ee3fcaa897513f3a7d3dfbbe2307fb97226f9a0a373b9969c357ee8238de2df291a925d709a35b529f5a493bc
-
Filesize
8KB
MD5c944d9a9b8d251b3f03efc6eac42caf7
SHA16caa0f871aeb4163062cbd21a0a49a518617642c
SHA256d82d8813ba3964c15b8cebb19bf4b7fed806656b04700d277628c91a0beae7cb
SHA512f8f6bf5af0de504da8a5f20667a25e1d0c274e99dcf24e4e4a2a411b6b4a1c0f9745269d129f03232b81fa919cbef6f73f43b53cc9c1fd7abda85af3b743078a
-
Filesize
32B
MD5437081af6b886101f6d20847d9255d33
SHA1c41bb118063b377c76d713265d01fae7b3587592
SHA256022f8b359131f50ca2a79344e12105070679fce10ef25a67f29f4160d6b4057b
SHA512df05c86c194a41ccbf5ecd78b3f1931ba2f6aaf0278e5e00fd0efad5a32e48fe4566d8a45af05234929730a5194fdadac5e7f95eef712afdce25504707b5c36b
-
Filesize
3.6MB
MD57b303ed0278ecd45e9dfd24ac7585fe6
SHA1618a10ab980dbf76a90c09d3e7579aafccf85040
SHA256a5d7512b741107d6279d08556ad5baee40efac5e0ca0259f0f434daa0e5efdce
SHA512c6d3b08d7f2deebd3a816ee6e61da1562ceb4460bd26c1ee4945824affc9710996fde7a16b0d9ce5241f3010b89d4c1d5ccebabea2809f87ee448b83b5fecc0a
-
Filesize
8B
MD5259a73c1c28d606c4225458e546b3840
SHA163a4b7743943f2b2622dceac9f88d3eaa7b4a4cc
SHA2567891503e12ebf9020eb0217ea5bd229288dacdecdcdae86e81b5cefd433751f3
SHA512dc589c5294592026e9e5c970bd1d9cc849d575a14a49c49bab4b81068bdb7f734b9b1b40a11138aed7cb2eb62b591dc539e6cad4df5ace8e9f3588d49558e1bd
-
Filesize
10B
MD563c86cd52a2032fe766e9ddd0cec9b84
SHA1bb1028d3839a1a11b879a31fbb5efbc8c389a591
SHA256bf2f4a993b11592919b69bc2e8c1201cceb23353319a816f087854eee54441bb
SHA5123a2b5c3e66dbdb38f491d4acde1a9c2238ca8e5bba8c6ec4b2b88fa55ce36721c907feb07a101d6737811e0d8ecc944a687748256d98f26cd8cc47e270c588a4
-
Filesize
1.3MB
MD58881e0f4790a8ae6be31157e2e1af8f5
SHA165ed89609ab3995598f895f8330f55fa8dc713cb
SHA256ff57f08e1cd3baf3e92fe033cab19a4faf88d636dd467feae57618ab1dd24bc5
SHA512c65573f1bbe1a6fea603f1d3195912ef3011338d592ace578362dee7af4c50d818bb235c467bb0b11766df73b5ad2735260843e20e8e9bdf14f92f58b73a2994
-
Filesize
3.1MB
MD52fe34ca16bd1e7469b22337c725f5522
SHA14a3d546f93276ebbd2f3bb9c45da3175ac822991
SHA2564d62e51eeb52b74cce69b85630a65a08b67c89e3c960e63b60229e4e7e9c666d
SHA512e0935a0487910a029cd8660405d736e5c460c9cad5d1da7aa84cb74f095641d8ddffa8636b4df6b825503c8e08a4b839135d5b3d4663ba85e96fc954af324dce
-
Filesize
3.6MB
MD543eacd187ddae0fe9deaa054e5f7f770
SHA16a4db81880b121a2fae02c84219fed1808bdbb46
SHA256927c1e61e10e53ae79a2879fc781c6e88270e7ed7da4a8dafd10ef1c265e4b54
SHA512730ec7220cb3b2e5bf339f49145fd5d46da6d2e5f951f7719dcd5e950fbafa6815b88958d044196fa1be1ce3a95fd2b5074c6cb8a0ae166ff3d094f3eaf8e3ec
-
Filesize
19KB
MD52c1ed75b42b2e5fe45c87cc3729a4ec7
SHA160e15d8d6e99d144d99cf8936d4304272e0c3782
SHA2567e713c464d2e1285098b82953d2103e43e43bd42dfcdbdeaccc0cfb115b9e155
SHA512d681a6f3870b1960968d6633c2351ce67ebb0b4b1bea2926d4154dda10826f71d1529507bf32aefe436bb21f5b6682203dde61150c8ffb68eac3b50172343710
-
Filesize
1B
MD513c8ffd977013703a701cf8e11deac65
SHA1067d5096f219c64b53bb1c7d5e3754285b565a47
SHA256e7cf46a078fed4fafd0b5e3aff144802b853f8ae459a4f0c14add3314b7cc3a6
SHA512527cff2b6fdfbc0f54fe092b17d6d8c7e22500242635fa56981e85a64da6ce8a12a3a66cf69fd48f588bcba9bad141b8e351a0cdd4925ae57289933eec1fc153