Analysis
- max time kernel: 170s
- max time network: 130s
- platform: android_x86
- resource: android-x86-arm-20240514-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
- submitted: 27/05/2024, 22:08
Static task: static1
Behavioral task: behavioral1
- Sample: 7ab47a8138f0d59a6088e165165c6087_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 7ab47a8138f0d59a6088e165165c6087_JaffaCakes118.apk
- Resource: android-x64-20240514-en
General
- Target: 7ab47a8138f0d59a6088e165165c6087_JaffaCakes118.apk
- Size: 11.0MB
- MD5: 7ab47a8138f0d59a6088e165165c6087
- SHA1: 1551a18945b49d48ce610ee244622a823b08675f
- SHA256: 4cacf28cfe177667521015cd6c1eabee62922efc78a77df509df491691f5cf4f
- SHA512: b01b5c6861f187b0dcc7f2a2d5f2d5699d1927b4d70d819e4c8e0ba74d92a3e947d3f484afc05bed3f4926ab2b27e5acb8f32203d30294a0b14ebdbdf75ca2c7
- SSDEEP: 196608:l5LuKjlAl1kyEHWVu0hA8hRZEF9lr4csJNyyBlcHR8dpGbhdIuGADl8PEtLx4:WKjlGSyc0Ir4XN3cHR8fGbhdIq2EtLx4
Malware Config
Signatures
- Requests cell location (2 TTPs, 1 IoCs)
  Uses Android APIs to get current cell location.
  description | ioc | Process
  Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.uhspace.feiwa:remote
- Queries information about running processes on the device (1 TTPs, 2 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description | ioc | Process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.uhspace.feiwa
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.uhspace.feiwa:remote
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  description | ioc | Process
  Framework service call | android.net.wifi.IWifiManager.getScanResults | com.uhspace.feiwa:remote
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
  description | ioc | Process
  Framework service call | android.app.IActivityManager.registerReceiver | com.uhspace.feiwa:remote
  Framework service call | android.app.IActivityManager.registerReceiver | com.uhspace.feiwa
- Checks if the internet connection is available (1 TTPs, 2 IoCs)
  description | ioc | Process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.uhspace.feiwa
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.uhspace.feiwa:remote
- Reads information about phone network operator. (1 TTPs)
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description | ioc | Process
  Framework API call | javax.crypto.Cipher.doFinal | com.uhspace.feiwa
Processes
- com.uhspace.feiwa (PID: 4281)
  - Queries information about running processes on the device
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available
  - Uses Crypto APIs (Might try to encrypt user data)
- com.uhspace.feiwa:remote (PID: 4348)
  - Requests cell location
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Downloads