General

  • Target

    3d5a344d039d950086bbf56aa7bd8849_JaffaCakes118

  • Size

    10.5MB

  • Sample

    240514-bnmyzadc4y

  • MD5

    3d5a344d039d950086bbf56aa7bd8849

  • SHA1

    3797992d9e70ab133ab508a61de567510c5c51d3

  • SHA256

    6aa45b6f2e9a8a00cde6f0d63461d2011052f13f692a6e77b498a558abab2970

  • SHA512

    48486d80feefbbf0828237dcb666b8208a571b3ee0bad99774a568bf0e374ce6ec5c771f5e73d9cb749dd3fca9ceb27abc69d561d243622a8e652b09c5649c27

  • SSDEEP

    196608:wGmFKS4u8ry0MCYuAquAQyrhF7Ys3BRwedO/C4u7UCkM/maN+6L/706dR9tRGCkk:zugy/Cz9Q+hF7J3B8C42/LT0sRiq

Malware Config

Targets

    • Target

      3d5a344d039d950086bbf56aa7bd8849_JaffaCakes118

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks memory information

      Checks memory information, which indicates whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

MITRE ATT&CK Mobile v15

Tasks