Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2139d092673729c0b0e028cf4c606eba_JaffaCakes118
-
Size
8.1MB
-
Sample
240507-xdcwxacd78
-
MD5
2139d092673729c0b0e028cf4c606eba
-
SHA1
27d492c21c57fef3cb973d79313473575a54f072
-
SHA256
b1b3ee518d136b31ee431491a89f20ff6c8305e0afe5d9b44da78a8cd22430d5
-
SHA512
0b54311efbc9eb2fe7126a44c52a4def0a4114994dd991fb90a3f6d0e49e43076c17022abbe5f6a62b4612e2dded9903d11a6b6667b80f957d8da7db37620c12
-
SSDEEP
98304:Yv8wdUL+PvptO0kpbAGNpfx7VzHk24V6IgSGirHd6rHhbOK4YqHh2ccSdarZKiaM:DwdXvpgvNpzA36H8HdWyDH0cckaN/a7A
Static task
static1
Behavioral task
behavioral1
Sample
2139d092673729c0b0e028cf4c606eba_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
2139d092673729c0b0e028cf4c606eba_JaffaCakes118.apk
Resource
android-x64-arm64-20240506-en
Behavioral task
behavioral3
Sample
gdtadv2.apk
Resource
android-x86-arm-20240506-en
Malware Config
Targets
-
-
Target
2139d092673729c0b0e028cf4c606eba_JaffaCakes118
-
Size
8.1MB
-
MD5
2139d092673729c0b0e028cf4c606eba
-
SHA1
27d492c21c57fef3cb973d79313473575a54f072
-
SHA256
b1b3ee518d136b31ee431491a89f20ff6c8305e0afe5d9b44da78a8cd22430d5
-
SHA512
0b54311efbc9eb2fe7126a44c52a4def0a4114994dd991fb90a3f6d0e49e43076c17022abbe5f6a62b4612e2dded9903d11a6b6667b80f957d8da7db37620c12
-
SSDEEP
98304:Yv8wdUL+PvptO0kpbAGNpfx7VzHk24V6IgSGirHd6rHhbOK4YqHh2ccSdarZKiaM:DwdXvpgvNpzA36H8HdWyDH0cckaN/a7A
-
Checks Android system properties for emulator presence.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
gdtadv2.jar
-
Size
468KB
-
MD5
6bfe094580c89ba696ef8772de47a552
-
SHA1
210bc4afce84b6e6bb36f97f68f9d3d9d3432643
-
SHA256
a884e386bf4ec066c9a82518c354be513182add87107552b1f4cf33dc80bddd4
-
SHA512
7ae8c9210957f06eb177fa0472ac1fcf80f0e6b1f308ec1906fe059c38623e404b37c34d9e8702cab66efc7ebfdc5400f1506db89b75a5fd1dd915ec2c2086a5
-
SSDEEP
6144:Nz015KiQP/B4tKQ3OTNgdJHqn+9ZMsH5EK9JKp0KMNd4IoCJlv0gxWky9+T2k57:N/Z/B/NgdliEZMs9JhZ4kykTlJ
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
3System Checks
3