General

  • Target

    2a93d80aa472c989ecda588de1f59402_JaffaCakes118

  • Size

    26.1MB

  • Sample

    240509-sm9vsagd3s

  • MD5

    2a93d80aa472c989ecda588de1f59402

  • SHA1

    1128d338ba5919afc8d8777994bea7a46a818344

  • SHA256

    8bc37804014f9adf1a3f19cc4105c573c759330d1d9d0853f60ef34b3ecb2847

  • SHA512

    515cf84551653900b14e59706388b4c2f12fc887c7fd555d533d8c20875fbb11db2c59bfc1b5254c4a43c69381fd7e05c23da868fe58e44adcefa09f6bba3d71

  • SSDEEP

    393216:pyyIaKI4c1qNxjZ6NmsT2rBm5L3UopPK5JLYC/Osz0rRsFt82Vn5Ogd3ujTXD8WJ:jum4XMy4R3LQ5J1WRIFZ5u3/kkX

Targets

    • Target

      2a93d80aa472c989ecda588de1f59402_JaffaCakes118

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Checks Android system properties for emulator presence.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the mobile country code (MCC)

    • Queries the phone number (MSISDN for GSM devices)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Target

      ksc_plugin_v407.apk

    • Size

      520KB

    • MD5

      7ce3813de5c5a487cfd54194060e6a8f

    • SHA1

      b01debd35406bcd12cdd60a2bbb53104eacbc23c

    • SHA256

      2bad8fa96e17b45695a21b7a2d21acacd25c13670348575f9df618a9fecfd7a6

    • SHA512

      d45f5a887d668ab47899014922256cc79e62999a5ec4546bfc3f7d51aae17ec27e37b66fdd02779277d76fd058d6ca5c949a4c8bd32aad88540e841fb2e572a9

    • SSDEEP

      12288:maVhSzPJnOHYIEcyb5Rw7QMVsdt5Kzt0gDhSTL666Itgg:m1zPJKYI1ydRw7Qr5KtB1IUw

    Score
    1/10
