Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
242b02d87036fbdf2906de91c30ec1b0_JaffaCakes118
-
Size
27.2MB
-
Sample
240508-k7ksdsdb5y
-
MD5
242b02d87036fbdf2906de91c30ec1b0
-
SHA1
c564ea3dba76fbc38a548a010761823c14f6e0de
-
SHA256
047843420a597820fd67d7b1f80358bc854bd4910ba2905ed5915f9ac42cbd40
-
SHA512
057d7225385c0399c25e6b4ec6292a3ef7a553f79aa5a816de238d2471a7b08a17cdab068c1be172486860e9524f93a8c39818678618c9a06d8a49edd55ecd33
-
SSDEEP
393216:F7aHMc0auZnmeOpodv5JpcNVMVGyt6ItZQbdYT0MbdYT0iBjZOmWQue4caCPP/gn:4sdnmeOaFd0586IUSwBjZpbcikwOnb
Behavioral task
behavioral1
Sample
242b02d87036fbdf2906de91c30ec1b0_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
242b02d87036fbdf2906de91c30ec1b0_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240508-en
Behavioral task
behavioral3
Sample
amap_resource1_0_0.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral4
Sample
amap_resource1_0_0.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral5
Sample
amap_resource1_0_0.apk
Resource
android-x64-arm64-20240506-en
Malware Config
Targets
-
-
Target
242b02d87036fbdf2906de91c30ec1b0_JaffaCakes118
-
Size
27.2MB
-
MD5
242b02d87036fbdf2906de91c30ec1b0
-
SHA1
c564ea3dba76fbc38a548a010761823c14f6e0de
-
SHA256
047843420a597820fd67d7b1f80358bc854bd4910ba2905ed5915f9ac42cbd40
-
SHA512
057d7225385c0399c25e6b4ec6292a3ef7a553f79aa5a816de238d2471a7b08a17cdab068c1be172486860e9524f93a8c39818678618c9a06d8a49edd55ecd33
-
SSDEEP
393216:F7aHMc0auZnmeOpodv5JpcNVMVGyt6ItZQbdYT0MbdYT0iBjZOmWQue4caCPP/gn:4sdnmeOaFd0586IUSwBjZpbcikwOnb
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
amap_resource1_0_0.png
-
Size
24KB
-
MD5
94a2a5f84a3fd6f0fd9134708ae1b81e
-
SHA1
1e21afaa48ed86cb31aaf7b17c3514315364cc99
-
SHA256
fc0c21884d4edfa4d93282139a309f204b27271a111a5b158edbc048f730b461
-
SHA512
24a175d15cb5cf8d23f0d53b004ed5c9a47646129c816fcae1b46aedabd95bb2c6dd2958d39d6f98f36dec3cd55d6af2d9b8f7013ced4b37a30db566e9a44923
-
SSDEEP
384:SevEWnTSCwukBdJ4dVCHyP7MPi3oqYXgnJk:3vEWnSue4+Sf3opQa
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1