Analysis

  • max time kernel
    137s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240506-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240506-en, locale:en-us, os:android-11-x64, system
  • submitted
    12/05/2024, 02:52

General

  • Target

    37df8015fb7b4dc168855558642039aa_JaffaCakes118.apk

  • Size

    2.2MB

  • MD5

    37df8015fb7b4dc168855558642039aa

  • SHA1

    e9822f09f63c1f798fd6c5e2932d7a7ce211cb8f

  • SHA256

    c3227860688cf6aa5b5b97c50ab7d0a124ff84e07b9fdfaa62adde7f8ec58efc

  • SHA512

    984fd475fec3cf43215d5442e3c867868a2d071a479e8c730b3ce7f105fcfe017ae79d8f575b9f8cda46bc56d465ba19aa01ea35a303ed87cf3a612390d0ade0

  • SSDEEP

    49152:CRYqCoStcFF3pJgUxDZomznCwDyqn/68sJzB06G5pnQH:CRwcX3xamzCYn/DsJzBV

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Reads CPU information, which can indicate whether the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Reads memory information, which can indicate whether the system is an emulator.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
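
The signatures above are behavioural: they fired while the sample ran in the Android 11 image. A quick static cross-check is to look inside the APK's Dex files for the Android framework names an app must reference to call those APIs directly. The scanner below is an added example and is not part of the tria.ge report; the mapping from each signature name to framework strings is an analyst's assumption, not tria.ge's detection logic, and the sample APK it builds is constructed in memory (a stand-in classes.dex, not a valid Dex file). Run it against a real APK by passing the path as the first argument.

```python
"""Static corroboration of the dynamic signatures listed in the report.

Scans every classes*.dex inside an APK for framework method and path names
that appear in the Dex string table when the corresponding API is called
directly. Example code added to this page; the pattern table is an
analyst's assumption, not tria.ge's rule set.
"""
import io
import sys
import zipfile

# Signature name -> byte strings expected in the Dex string table when the
# framework API behind that signature is called without reflection.
SIGNATURE_PATTERNS = {
    "Checks CPU information": [b"/proc/cpuinfo"],
    "Checks memory information": [b"/proc/meminfo", b"getMemoryInfo"],
    "Obtains sensitive information copied to the device clipboard": [
        b"Landroid/content/ClipboardManager;", b"getPrimaryClip"],
    "Queries information about running processes on the device": [
        b"getRunningAppProcesses", b"getRunningServices"],
    "Queries information about the current Wi-Fi connection": [
        b"Landroid/net/wifi/WifiManager;", b"getConnectionInfo"],
    "Queries information about the current nearby Wi-Fi networks": [
        b"getScanResults", b"startScan"],
    "Checks if the internet connection is available": [
        b"getActiveNetworkInfo", b"getNetworkCapabilities"],
    "Listens for changes in the sensor environment (might be used to detect emulation)": [
        b"Landroid/hardware/SensorManager;", b"registerListener"],
}


def dex_blobs(apk_bytes: bytes):
    """Yield (entry name, raw bytes) for every classes*.dex entry in the APK zip."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for name in zf.namelist():
            if name.startswith("classes") and name.endswith(".dex"):
                yield name, zf.read(name)


def scan_apk(apk_bytes: bytes) -> dict:
    """Return {signature: sorted matched strings} for every signature with a hit."""
    hits = {}
    for _, blob in dex_blobs(apk_bytes):
        for sig, patterns in SIGNATURE_PATTERNS.items():
            found = [p.decode() for p in patterns if p in blob]
            if found:
                hits.setdefault(sig, set()).update(found)
    return {sig: sorted(strings) for sig, strings in hits.items()}


def build_fake_apk() -> bytes:
    """Constructed sample: a zip whose classes.dex is only a byte blob carrying a
    few framework names. Not a valid Dex file; the scanner only inspects bytes."""
    strings = [b"/proc/cpuinfo", b"Landroid/content/ClipboardManager;",
               b"getPrimaryClip", b"getActiveNetworkInfo", b"onCreate"]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"dex\n035\0" + b"\0".join(strings))
        zf.writestr("AndroidManifest.xml", b"")
    return buf.getvalue()


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_apk()
    for sig, strings in scan_apk(data).items():
        print(f"{sig}: {', '.join(strings)}")
```

A hit here only corroborates the sandbox result; a miss proves nothing, because string encryption, reflection, packers and native code (.so libraries) all keep these names out of the Dex string table. The behavioural signatures in the report remain the stronger evidence.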

Processes

  • com.yxxinglin.xzid694
    1⤵
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Queries information about the current nearby Wi-Fi networks
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4844

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/user/0/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE1NDgyMzc1NjMy

    Filesize

    1KB

    MD5

    4983e5f7734dfdfd8c1af301efe7bc31

    SHA1

    cc41a7465ae66731ec7e100eeeb90bd999adf91a

    SHA256

    a7f3ef3d09fc31d36c527f91517e0315012e1222c4c7f3a37d11b6583634d611

    SHA512

    ee4184d1ee4d483678157cf6e8b46a9f87a321ab094a88279502748746afb1818754238169d2454647411821aaf83e1aefc2799af9ee05530e44b6e661937d54

  • /data/user/0/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE1NDgyNDA1ODA1

    Filesize

    1KB

    MD5

    e08dff7ec6b8f04b5651c01645612bd1

    SHA1

    b0822df1b65867dc740c22b551112358f78e39b8

    SHA256

    c405a45f3ea70367f5ac0f3eef7e0844296b60cb5a32fdca4c2f9ffcc284d26f

    SHA512

    58bd3a3f461f4c0320764d20cffc7a800f2f4e1a72e58d4760c38d59567ee38a7fe9774658daff76b5b33a6f6a7c616262d1e0a900ea9b8d18a34402a3f2029e

  • /data/user/0/com.yxxinglin.xzid694/files/umeng_it.cache

    Filesize

    350B

    MD5

    a43d4e12588595351ea73b5044f3288a

    SHA1

    5300ee437de967fad755b1b3457f7243d065ce4f

    SHA256

    b30bcdcc9f16c0a8cb1047bdcdfebd581f143ee2c79ffe00c12bcd90f237cfda

    SHA512

    7ef85e298bd5de2b93ebad55fb9f80c0504992587da188f32963328a0957b743ed881d0f69c3202918108db5b852c871c5d32ec039da20714a1765fe524a75f3
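
The two files under files/stateless/ have base64 directory and file names, and the file names end in a 13-digit number. The script below, an added example rather than tria.ge output, decodes those components and treats the trailing number as milliseconds since the Unix epoch; that interpretation is an analyst's assumption, checked here against the report's submission time (12/05/2024, 02:52), which the script assumes is UTC. The third path (umeng_it.cache, a name associated with the Umeng analytics SDK) is included to show the decoder leaving ordinary names alone.

```python
"""Decode the base64 path components and embedded timestamps of the dropped
files listed in the Downloads section. Example code added to this page; the
millisecond-timestamp reading of the numeric suffix is an assumption that the
check against the submission time is meant to confirm."""
import base64
import binascii
import re
from datetime import datetime, timezone

# Paths copied from the report's Downloads section.
REPORT_PATHS = [
    "/data/user/0/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE1NDgyMzc1NjMy",
    "/data/user/0/com.yxxinglin.xzid694/files/stateless/dW1weF9pbnRlcm5hbA==/dW1weF9pbnRlcm5hbF8xNzE1NDgyNDA1ODA1",
    "/data/user/0/com.yxxinglin.xzid694/files/umeng_it.cache",
]

# Report's "submitted" time, assumed to be UTC (the report does not state a zone).
SUBMITTED = datetime(2024, 5, 12, 2, 52, tzinfo=timezone.utc)

# Assumption: a trailing 13-digit number is a millisecond Unix timestamp.
MS_SUFFIX = re.compile(r"_(\d{13})$")


def try_b64(component: str):
    """Return decoded text if `component` is valid base64 for printable ASCII, else None."""
    try:
        raw = base64.b64decode(component, validate=True)
    except (binascii.Error, ValueError):
        return None
    if not raw or not all(0x20 <= b < 0x7F for b in raw):
        return None
    return raw.decode("ascii")


def ms_to_utc(ms: int) -> datetime:
    """Exact conversion of a millisecond epoch value to an aware UTC datetime."""
    return datetime.fromtimestamp(ms // 1000, tz=timezone.utc).replace(
        microsecond=(ms % 1000) * 1000)


def decode_path(path: str) -> dict:
    """Decode every base64 component of `path` and any embedded timestamp."""
    components = [(c, try_b64(c)) for c in path.split("/") if c]
    result = {
        "path": path,
        "decoded": {c: d for c, d in components if d is not None},
        "timestamp": None,
        "seconds_after_submission": None,
    }
    for _, decoded in components:
        match = MS_SUFFIX.search(decoded or "")
        if match:
            ts = ms_to_utc(int(match.group(1)))
            result["timestamp"] = ts
            result["seconds_after_submission"] = (ts - SUBMITTED).total_seconds()
    return result


def decode_report_paths(paths=REPORT_PATHS) -> list:
    return [decode_path(p) for p in paths]


if __name__ == "__main__":
    for entry in decode_report_paths():
        print(entry["path"])
        for raw, text in entry["decoded"].items():
            print(f"  {raw} -> {text}")
        if entry["timestamp"]:
            print(f"  written {entry['timestamp'].isoformat()} "
                  f"({entry['seconds_after_submission']:.1f}s after submission)")
```

Both decoded names read umpx_internal_<ms>, and the two timestamps fall 55.6 s and 85.8 s after the submission minute, inside the 137 s the kernel ran, which supports the timestamp reading and shows the files were written at run time rather than shipped in the APK. If the report clock were not UTC the offsets would be hours off, so a mismatch there is the first thing to revisit.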