Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7c483e372b2414653a8721e891687033_JaffaCakes118
-
Size
31.0MB
-
Sample
240528-j36zdscb8w
-
MD5
7c483e372b2414653a8721e891687033
-
SHA1
b7a58c6e9dd9b0ac5019bf2a710023fb26776421
-
SHA256
c14a60558b26ad8952235ae418120dbe8d9809802115a11c2d6205c123b2cf51
-
SHA512
752de6187238eb13eec21aba904d8c400e96992a4e8c8209c928cd95049d95f687aac882756e684770a898b9b9f6f88b3e8f66d1f8c3b848d05733a3a819d045
-
SSDEEP
786432:mMviIRlEqjmFnYL4quYkgnFBe/3+bFTs9aQ:mMaI7tmYkquYi/3+bFTtQ
Malware Config
Targets
-
-
Target
7c483e372b2414653a8721e891687033_JaffaCakes118
-
Size
31.0MB
-
MD5
7c483e372b2414653a8721e891687033
-
SHA1
b7a58c6e9dd9b0ac5019bf2a710023fb26776421
-
SHA256
c14a60558b26ad8952235ae418120dbe8d9809802115a11c2d6205c123b2cf51
-
SHA512
752de6187238eb13eec21aba904d8c400e96992a4e8c8209c928cd95049d95f687aac882756e684770a898b9b9f6f88b3e8f66d1f8c3b848d05733a3a819d045
-
SSDEEP
786432:mMviIRlEqjmFnYL4quYkgnFBe/3+bFTs9aQ:mMaI7tmYkquYi/3+bFTtQ
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Reads the content of photos stored on the user's device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Requests cell location
Uses Android APIs to to get current cell information.
-
-
-
Target
com.baidu.appsearch.clean.apk
-
Size
2.1MB
-
MD5
0728a78f509210b743d7fa5d6a2ed47d
-
SHA1
646548ba7f4fd6735ec3c67407facfe8b4da8b5a
-
SHA256
3381d5fb20ca460907d9c73c5c3dc120062119a5e6de84e21e6dd5b3e83c0f5e
-
SHA512
faa14176dbc20762ea7125a444578add80db0c84c2df094592c63134f90832acc2e39a4a68c9a7a258c5176263d7b7750d95821a05b1c13b92f5dd8204d16720
-
SSDEEP
24576:oQu4Xif5lMi8xl6cTddCRnAdI9hFaA9IfyVz3K7JCDYgYza7uXBrb9xH6IShmX68:oQpXpiPSddCRnewhVDK7Ekg8XBzHCmf
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
com.baidu.searchbox.novel.apk
-
Size
2.8MB
-
MD5
a91100974bbd2c98c6290f252c48eb92
-
SHA1
77c42c566b682a5f9d5ca059fe92923f0645e6b4
-
SHA256
dc1600c45a5d6db01aaf6d2a7505d517abdba01f30c089bf6560d4df65fd503e
-
SHA512
33967e9ecba74206983909ecddf1176ef465460c10e0124434c954bfba6a6c08a3308044b6026970c30610b4bd2af888df54cea1cf0441f89f1eecbc6cc61fc0
-
SSDEEP
49152:kLecQ1h4Oxcmem4RygNBo6fTP+neO51rUgIzw4YdYzJKKkMr/mRfmCG8I6v5Mthf:kWh42exRyel7PgL+M5sxcTzWhdJ
Score7/10-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-