Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

75849c6a7a...18.apk

android-9-x86

8

nplugin.apk

android-9-x86

nplugin.apk

android-10-x64

nplugin.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75849c6a7afe9b705dbdf6a0734f9bc9_JaffaCakes118

  • Size

    5.4MB

  • Sample

    240526-pytfdsee62

  • MD5

    75849c6a7afe9b705dbdf6a0734f9bc9

  • SHA1

    536c4444da9187cf6191123792360efc162fd008

  • SHA256

    315811613091c8ef89b8834166f6aee288acdc015b6faa7901da0ac962b127ed

  • SHA512

    5646c1b88a92e2b9756c8aae47df2c9b8f2785cb5c1c4acd3004b3ffea43ad1966e5f12213c16f667140e3c314b2be45a70b64566f6798721acf16f896106753

  • SSDEEP

    98304:PMrYGW0cSGeYQ3B/gd4UNWfo2Ry/IGjk0KY+4eaeaW9jzwKhUDwCR12:Ur20i+32WQ2RywGjSYe/uR12

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      75849c6a7afe9b705dbdf6a0734f9bc9_JaffaCakes118

    • Size

      5.4MB

    • MD5

      75849c6a7afe9b705dbdf6a0734f9bc9

    • SHA1

      536c4444da9187cf6191123792360efc162fd008

    • SHA256

      315811613091c8ef89b8834166f6aee288acdc015b6faa7901da0ac962b127ed

    • SHA512

      5646c1b88a92e2b9756c8aae47df2c9b8f2785cb5c1c4acd3004b3ffea43ad1966e5f12213c16f667140e3c314b2be45a70b64566f6798721acf16f896106753

    • SSDEEP

      98304:PMrYGW0cSGeYQ3B/gd4UNWfo2Ry/IGjk0KY+4eaeaW9jzwKhUDwCR12:Ur20i+32WQ2RywGjSYe/uR12

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      nplugin.apk

    • Size

      19KB

    • MD5

      173b848e8de1400368c3fa4b689d952d

    • SHA1

      990872490beb240d9a582eb19247863114245324

    • SHA256

      6871a166909bda6d19631375cad6963db629c519b018e871f216edf11bc02b9a

    • SHA512

      460a85e3e9430602209b2dc8f42e3b0a996bb1917802798b6dee66516b14575f87f56b451ff66a793e15e15c99b51ae20dd4f7129d320e3e0d20e3dfab0387db

    • SSDEEP

      384:CfxyWjOMKBUTTqN9/99OsHFe514rc/W4KmOlru2s6695cO2gZKf45xR:CfZjdqpfAOc/W+Oru2s6695ckZk4nR

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks