Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2c43679243aceffdf65a37612704c034_JaffaCakes118
-
Size
18.2MB
-
Sample
240509-3lwxmsde8z
-
MD5
2c43679243aceffdf65a37612704c034
-
SHA1
609fc79ae0c0b4302aa3a41052830548d868484a
-
SHA256
ddc1f2edb82739e7a92182aae6ddff254393d459c66b120ca09ce84627457efa
-
SHA512
16964591a023cbeba613098f6ad88bde90e53f99695212e49d89b73891c3a1d9e3f7fabf4d137e397fe71a028e46fc7bcce225e4653a241cfaf172572cde2b7a
-
SSDEEP
393216:o0PWpOh4C4tBP1I/aql9GhfXsnVxx3szexeyrRqMSM+nt3a:o0PWpOh4zqDGt0RsaxeyrR/xz
Malware Config
Targets
-
-
Target
2c43679243aceffdf65a37612704c034_JaffaCakes118
-
Size
18.2MB
-
MD5
2c43679243aceffdf65a37612704c034
-
SHA1
609fc79ae0c0b4302aa3a41052830548d868484a
-
SHA256
ddc1f2edb82739e7a92182aae6ddff254393d459c66b120ca09ce84627457efa
-
SHA512
16964591a023cbeba613098f6ad88bde90e53f99695212e49d89b73891c3a1d9e3f7fabf4d137e397fe71a028e46fc7bcce225e4653a241cfaf172572cde2b7a
-
SSDEEP
393216:o0PWpOh4C4tBP1I/aql9GhfXsnVxx3szexeyrRqMSM+nt3a:o0PWpOh4zqDGt0RsaxeyrR/xz
Score7/10-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
register.jar
-
Size
243KB
-
MD5
c1dd55ebd452321760864b19efa4ef71
-
SHA1
82c172eddae0c5515dc7e24ab193aaf01998b2dd
-
SHA256
2c8a02d5bb0ac9f4fc367db81fd25395e8ee54d38ade34faeafdd083ab7ea9bd
-
SHA512
9a61bd5089e21a473dc2e2843f25c7389c8fc7a9617874206e67d21870c149c619c7c80610415eda4a7b0d26fe04497dbd4a8ab0c42491e0753f1097e7f90be1
-
SSDEEP
6144:la6HZjEQQNkQRcdIQ6eHWw0KTa0cl7UjHGyIaXb:4655LQR7sOplNyrL
Score7/10-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
-
-
Target
safetynet.jar
-
Size
543KB
-
MD5
38308dd27c36872def8150956953d051
-
SHA1
61dd4ea58e542679a6ec1e84e5fbabbff9f19d01
-
SHA256
41e33a31b894cb009c5437919733e70fa3aadf01f7ad2811b7097937112c79dc
-
SHA512
5f1c9c68ee73406017707d670006eeeeddc56f1755c0ff44656323d097f44376f36d35ac6679b236c7b35b1e3e999ceea514f3832a691e9d3dda93d1d0d4fbb1
-
SSDEEP
12288:c6n4r/Y4GxAthQZ0/2dWk/3dA7RtTl1iZysMsPwP:R4r/YZxzSAWEPwP
Score1/10 -
-
-
Target
vending.jar
-
Size
309KB
-
MD5
296c9d95f922ed92f12f3425b70cb6a9
-
SHA1
e2903a070d76a15cad9a2eea95e5bac30e5c7d50
-
SHA256
752ed80071d53289a3ecaf168a4d9e8b9a46932ea77896f47dffb9f53114d7e5
-
SHA512
06533dfdfceac94add69bcd85e6eb7216c596fc00214ac24511b565955e9cdfcd59a34829555680360504c47c7a6a0c1c2a021a7c4164f3fb196abae738d36d6
-
SSDEEP
6144:a844OkUYokCNo5/d0gI6VP13JOb66F/3kqzZR6QuUb:vv1UYSW5/1P9JObR/kmZR6l8
Score7/10-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2