Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

3c7244dbdf...18.apk

android-9-x86

7

3c7244dbdf...18.apk

android-13-x64

Analysis

  • max time kernel
    104s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20240506-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
  • submitted
    13/05/2024, 20:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c7244dbdf0d7797d774264e6415c631_JaffaCakes118.apk

  • Size

    7.7MB

  • MD5

    3c7244dbdf0d7797d774264e6415c631

  • SHA1

    fb3f6ae18fd5cc8da975153a0ad87d89564d1e10

  • SHA256

    0b4cec54a8e425ac4640230f085f1f937b7be90cd017aa3794e87b0fa7eacd18

  • SHA512

    6e81ba15a799925dde69116f10d310638fc8654efa5484bd529ca96cdb3d4d139cd05ad6dd5f85cf3a80ef4d3acc43c69c7e39b6cb52b641903f3dc5c96b052a

  • SSDEEP

    196608:U9hiYSn/9G6odpgYG4hRdJB7E0EGKOauNrRUuCcknoawsx:U9hiYSn7odKYG4hj+Oj5Sysx

Score
7/10
discoveryevasionimpactpersistence

Malware Config

Signatures

Processes

  • com.kingkr.ksadkud
    1⤵
    • Checks CPU information
    • Checks memory information
    • Queries information about the current Wi-Fi connection
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4281
    • /system/bin/sh -c getprop ro.board.platform
      2⤵
        PID:4314
      • getprop ro.board.platform
        2⤵
          PID:4314
        • /system/bin/sh -c type su
          2⤵
            PID:4400

        Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.kingkr.ksadkud/app_tbs/core_private/debug.conf
          Filesize

          101B

          MD5

          ee59b7222dc55bd3a1ecbaa78d317e0f

          SHA1

          1674cc2e8cedbd9b8c2ed95f02e048223b35f60c

          SHA256

          2f53083748a9640c97605f520d42b9bdfd256c8b31863ad872016a7f6f4c18e5

          SHA512

          bb33efc4be33e01bbed3551060dd26c21acaf8ee9cb4eb0cb5ef369adcdb6a021107574fc259bd62b703027f65a2edfe46fada39b216579a051eb969bfc252ac

          Download Submit

        • /data/data/com.kingkr.ksadkud/databases/bugly_db_
          Filesize

          4KB

          MD5

          f2b4b0190b9f384ca885f0c8c9b14700

          SHA1

          934ff2646757b5b6e7f20f6a0aa76c7f995d9361

          SHA256

          0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

          SHA512

          ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

          Download Submit

        • /data/data/com.kingkr.ksadkud/databases/bugly_db_-journal
          Filesize

          512B

          MD5

          3c3fbc4abd5a3a37dfbbce9145df598e

          SHA1

          eac4e43c12da73dcb98a5de5ecefa806e0645448

          SHA256

          f95d7d46646ba84257aedb66ec6cd6957b98006d296ff95b904cc8605cf5486e

          SHA512

          65c6512e9ad92ff88f1857d72a1bde35359c3adee9caf757b07e44f895e14a6a73a0094f879c6573efebe4ab6cfa1b0b4080516778f5d6a4749272699ee27c93

          Download Submit

        • /data/data/com.kingkr.ksadkud/databases/bugly_db_-shm
          Filesize

          32KB

          MD5

          bb7df04e1b0a2570657527a7e108ae23

          SHA1

          5188431849b4613152fd7bdba6a3ff0a4fd6424b

          SHA256

          c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

          SHA512

          768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

          Download Submit

        • /data/data/com.kingkr.ksadkud/databases/bugly_db_-wal
          Filesize

          52KB

          MD5

          6134d1aac5f2602b4c3e06a272d6c929

          SHA1

          be40dc9b7c5e1a7d3918845aa82f44facf15b09e

          SHA256

          51c56d2be99ff8bbd522896c31f9767f408a8f4dd0374180bb5f7dfaebc19f78

          SHA512

          1bab1dcbbd4c907844d3e35a373dc3fe89400a0a0194ce11b731a434c86e353474afa6d658dff5502ee8ef85facfe6bbf5f1fc0d134cf6ec24d53d38ed0eba38

          Download Submit

        • /storage/emulated/0/tencent/tbs/tbslog/tbslog.txt
          Filesize

          1KB

          MD5

          0b4ea7a6e87d3b1ef26d10bf9dd72bab

          SHA1

          41c8c947e965c8ff1ebeca3979a9b219be1ab7fe

          SHA256

          a667edba1c213e6c2930e002a7a39fd3def01af3c161d0d982495b34617b95c2

          SHA512

          6d3d3337b6df9f2aa601aff61d2a61cb26e7fd2dc27af949a859b98f9c5f9b9380ca33eec2c1ca33b5bf8f38365bd6ef836489c4afad1d85878dea432716cfc8

          Download Submit