Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

2139d09267...18.apk

android-9-x86

8

2139d09267...18.apk

android-11-x64

1

gdtadv2.apk

android-9-x86

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2139d092673729c0b0e028cf4c606eba_JaffaCakes118

  • Size

    8.1MB

  • Sample

    240507-xdcwxacd78

  • MD5

    2139d092673729c0b0e028cf4c606eba

  • SHA1

    27d492c21c57fef3cb973d79313473575a54f072

  • SHA256

    b1b3ee518d136b31ee431491a89f20ff6c8305e0afe5d9b44da78a8cd22430d5

  • SHA512

    0b54311efbc9eb2fe7126a44c52a4def0a4114994dd991fb90a3f6d0e49e43076c17022abbe5f6a62b4612e2dded9903d11a6b6667b80f957d8da7db37620c12

  • SSDEEP

    98304:Yv8wdUL+PvptO0kpbAGNpfx7VzHk24V6IgSGirHd6rHhbOK4YqHh2ccSdarZKiaM:DwdXvpgvNpzA36H8HdWyDH0cckaN/a7A

Score
8/10
androidcollectiondiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      2139d092673729c0b0e028cf4c606eba_JaffaCakes118

    • Size

      8.1MB

    • MD5

      2139d092673729c0b0e028cf4c606eba

    • SHA1

      27d492c21c57fef3cb973d79313473575a54f072

    • SHA256

      b1b3ee518d136b31ee431491a89f20ff6c8305e0afe5d9b44da78a8cd22430d5

    • SHA512

      0b54311efbc9eb2fe7126a44c52a4def0a4114994dd991fb90a3f6d0e49e43076c17022abbe5f6a62b4612e2dded9903d11a6b6667b80f957d8da7db37620c12

    • SSDEEP

      98304:Yv8wdUL+PvptO0kpbAGNpfx7VzHk24V6IgSGirHd6rHhbOK4YqHh2ccSdarZKiaM:DwdXvpgvNpzA36H8HdWyDH0cckaN/a7A

    Score
    8/10
    collectiondiscoveryevasionexecutionimpactpersistence

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks Android system properties for emulator presence.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      468KB

    • MD5

      6bfe094580c89ba696ef8772de47a552

    • SHA1

      210bc4afce84b6e6bb36f97f68f9d3d9d3432643

    • SHA256

      a884e386bf4ec066c9a82518c354be513182add87107552b1f4cf33dc80bddd4

    • SHA512

      7ae8c9210957f06eb177fa0472ac1fcf80f0e6b1f308ec1906fe059c38623e404b37c34d9e8702cab66efc7ebfdc5400f1506db89b75a5fd1dd915ec2c2086a5

    • SSDEEP

      6144:Nz015KiQP/B4tKQ3OTNgdJHqn+9ZMsH5EK9JKp0KMNd4IoCJlv0gxWky9+T2k57:N/Z/B/NgdliEZMs9JhZ4kykTlJ

    Score
    1/10
    behavioral3

MITRE ATT&CK Mobile v15

Tasks