Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

7622aca481...18.apk

android-9-x86

8

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7622aca4817931650f70563513f7674a_JaffaCakes118

  • Size

    19.7MB

  • Sample

    240526-t968vadh33

  • MD5

    7622aca4817931650f70563513f7674a

  • SHA1

    bddd206442051838fad98678adea532a8656970f

  • SHA256

    ea54b83b70f6614a6ca0a60a78c4abcbbe5be461a15af22ff4546fe71d0dcc80

  • SHA512

    55ee320e0636f4479d9b47371ba5ac1ab66c77ceb535ec19055eabffa829edd1ecbb8328f096759593e61e651d4d7d63cf7885f9988dd8bbe7ba321ecb9ca53d

  • SSDEEP

    393216:wyb2cy2rhMozrvwCWu+S8xxGIwl7OPNvlfXFOKZ2ryiEJSov5Z2:wuIAMI4CW6EGIAOTqy1Re

Score
8/10
androidbankerdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      7622aca4817931650f70563513f7674a_JaffaCakes118

    • Size

      19.7MB

    • MD5

      7622aca4817931650f70563513f7674a

    • SHA1

      bddd206442051838fad98678adea532a8656970f

    • SHA256

      ea54b83b70f6614a6ca0a60a78c4abcbbe5be461a15af22ff4546fe71d0dcc80

    • SHA512

      55ee320e0636f4479d9b47371ba5ac1ab66c77ceb535ec19055eabffa829edd1ecbb8328f096759593e61e651d4d7d63cf7885f9988dd8bbe7ba321ecb9ca53d

    • SSDEEP

      393216:wyb2cy2rhMozrvwCWu+S8xxGIwl7OPNvlfXFOKZ2ryiEJSov5Z2:wuIAMI4CW6EGIAOTqy1Re

    Score
    8/10
    bankerdiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery
    behavioral1

    • Target

      __xadsdk__remote__final__.jar

    • Size

      83KB

    • MD5

      607e65052147713115dd87f0866d504c

    • SHA1

      5ff2a1c2ebedeb61236c56edfde6406828a05c6c

    • SHA256

      fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741

    • SHA512

      2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1

    • SSDEEP

      1536:eKSS1UbomStT19s4G0/GZzgrF2nPOgfbexVK8RV+0XUv5VzUxwh3MPeUivu5iy:DSYsStT1ZT/ugrFsmgsHWzUxq3MPeUi8

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      gdtadv2.jar

    • Size

      126KB

    • MD5

      1a1e5b53df85a5387f2dbbe3dfe29cd8

    • SHA1

      5ef07ed49352921198162d7f900218dd0fafa03b

    • SHA256

      1464e74ed757715bfbfaf984ed2fb2299f109fc29969ccbc046c77d9370dc907

    • SHA512

      2101f57fde4ad6f13f3472b03bceb3ff7e2078894efc6330e680cb98df820068a70d6db6225d0185084b404e7f5509560f5b81f021c03da1750da0e08396e9bf

    • SSDEEP

      3072:STF0mPpZPXVMvY9dWxRCuFdRfTcYPdN1dr7u7C4WsTmNQTfBrG:SxPTPmvY9oxdrfAY+uZRei

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Mobile v15

Tasks