Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

5ca6978203...18.apk

android-9-x86

8

Analysis

  • max time kernel
    3s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    20/05/2024, 02:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ca6978203e1824940f30467756d0f70_JaffaCakes118.apk

  • Size

    3.4MB

  • MD5

    5ca6978203e1824940f30467756d0f70

  • SHA1

    e35d13e9cdd1b737adffa67caf53648dd6973350

  • SHA256

    e648300ad4560488512a353df4beb6e2ec4fe5e36c4fac02df81e2ab90c853aa

  • SHA512

    c582166fe90ec3708134277c9f95412aa3a2a5ba610a341cc06d2a5132b8366e0747398394d34a32c601283db9abf7cf3cff3b8dadc4816adc36c543cc841dc3

  • SSDEEP

    98304:mDIYmah/5ujPZKhCTy22zZPxnrg6cKQ3Jpq:mzmaHoPkhCTy26ZZnrtYJM

Score
8/10
discoveryevasionpersistence

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 1 IoCs
    evasion
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
    evasion

Processes

  • com.yiwyxb.yy_448317
    1⤵
    • Checks if the Android device is rooted.
    • Checks CPU information
    • Queries information about running processes on the device
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks if the internet connection is available
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4278

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Android/data/com.yiwyxb.yy_448317/files/tbslog/tbslog.txt
    Filesize

    114B

    MD5

    f69b2a4e9ff1b52fef8032e8a77a1d1f

    SHA1

    a65dcb8755864edc444580466172eb925afdcef0

    SHA256

    6454779730ab19ffb23aa9d7bf69194c128f2460105a07feb9737f138ae5e22a

    SHA512

    995d50fbd1a81b2f140ecde9d9c4de397f5293a3be3ab99de19b5b50222afb01975e9441300814d5249cfc80b4e005232fbd2fb53ff4c12c2e651c7e2d5176c2

    Download Submit