Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
163s -
max time network
150s -
platform
android_x64 -
resource
android-x64-20240506-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240506-enlocale:en-usos:android-10-x64system -
submitted
08/05/2024, 05:52
Static task
static1
Behavioral task
behavioral1
Sample
237b23ed13d783c5f7a88e23aa0a65b4_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
237b23ed13d783c5f7a88e23aa0a65b4_JaffaCakes118.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
237b23ed13d783c5f7a88e23aa0a65b4_JaffaCakes118.apk
Resource
android-x64-arm64-20240506-en
General
-
Target
237b23ed13d783c5f7a88e23aa0a65b4_JaffaCakes118.apk
-
Size
1.3MB
-
MD5
237b23ed13d783c5f7a88e23aa0a65b4
-
SHA1
f0ba143de477b047d56bac2c8d9a1292a669752d
-
SHA256
8cbddec33e1d35849ca46c7395f4c913d8ae495f2ee1de0ec2836862b8f9c23d
-
SHA512
92e1c57a316fd1a701f8d5de80acd3e53501f045e0db6d75366752107f1fbdb31216642095b289832507bf8776c17370cd07b5386c92d452e4e42f72655935b5
-
SSDEEP
24576:wDegf7/6D5E+jo4eqbcA7jzHvk2nxWXPm58Z9Z5xNiqy3trdwfLaYrpLQWDSuFq0:w6gSj97k2YXPHZfc9rCfL/dtFq0
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
description ioc Process File opened for read /proc/cpuinfo com.qnd.vgce.vleonttikg -
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
description ioc Process File opened for read /proc/meminfo com.qnd.vgce.vleonttikg -
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.qnd.vgce.vleonttikg -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.qnd.vgce.vleonttikg -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.qnd.vgce.vleonttikg -
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver com.qnd.vgce.vleonttikg -
Checks if the internet connection is available 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.qnd.vgce.vleonttikg -
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
Processes
-
com.qnd.vgce.vleonttikg1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5052
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
52KB
MD58ae1c3ffa588d1ca92f1121bf8015821
SHA1f632f4f6af8e6ac88d6d1378ea699c6f904a2b93
SHA256215185a0a2222b142f8d77293e30ca697b4e5a5b569a98f457a3eda903e8d69a
SHA5123b50ceeaf7c72c9a847c429ef420a0aacb546a30f0e024dcae68ef4e6ac94a4e39ba2039cc9f943d85303f00002e5b2f592e4b2f7fceaddf95639fe84d0d9850
-
Filesize
512B
MD54dffef6d925c555c894a8812fc96e6a4
SHA159e1a8163f22ff3f55f468ebc1951ec52e917d12
SHA256a978c9ff248cfa2e9d2d8e96d7ad4b02c130764017c0672cb152ba4fcd801d97
SHA51253cbd643f84bdd89f46d68cb3028c3dbc984d4cf64437ff25ee79b58dd10fd134b7d2d753c75422fe2204e06f428c03d57bc23846d3912a80d112ec541e14200
-
Filesize
8KB
MD5a44dc8e904d2730fd8b3ecb0824b080a
SHA1415b87ae979d9252b321a6164fc379b1739ad9cb
SHA25635aecf8c380072bebc5c5a26e1af51ffd8d88005cbadc589dcbe9ed0f3129f50
SHA512b636b345fac610c1dc586fa02ec7ec3fbf28b17ad6c41ad915ce63f5bcd36078da4ee55b917cb978190846827252f294b0b5d30268b3a1cff05798e7d0ee29f9
-
Filesize
8KB
MD545cfeb8cd827a0ad3ee6ac76cc002682
SHA13e896dac264b43795d5ecac5bff501b354d7ab45
SHA25676ee31f050537663edd0b663f5385c61938483c54a970b076317b6dc6428518d
SHA51234918ef660177b0e1e82a702e834de4bc1ac56a607831a50de6a6484003130b8adc283a326291bfc3a8f13b64c6d6a47f1325547b578f833bf22dd370eec8326
-
Filesize
32B
MD56b0f295ca2b212da2dc8a5a1810e68b4
SHA130aaf7e866eb6b27b58041b27909164c323768df
SHA256fb9fb766d9e01fcfbab272c3a965db3d38323b3604ea71e7cd53ab5498aa1ba2
SHA512ff0bc9a04cf70c14986d0e17482123b8a7fadf297a1c39f34b896eee0a6435b4fad9016960c3622ad1988a7d60dda52d13308eb2466714e4976264bdc90dee96