Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

7d53b2d525...18.apk

android-9-x86

8

7d53b2d525...18.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d53b2d5255a0fab1c685e7f988cac3e_JaffaCakes118

  • Size

    12.3MB

  • Sample

    240528-r1pw4ahb91

  • MD5

    7d53b2d5255a0fab1c685e7f988cac3e

  • SHA1

    d2da0e0b92190383406649ba04a7a4947f2586fc

  • SHA256

    6f147d7da4a1a4595dd35774464741a00eddb3b5022c3cb794a059e1ab186f53

  • SHA512

    8a3f7421ff32f210eb6824012ff0ee987670c731c5d5b8fcba75ba9e9abc4218614fd6581c9209607a5ec202493506f60717d4beddbdf3c322a280c5a3cc1fe4

  • SSDEEP

    196608:Y5D26pDmV6zUKX2q5pqN+lqN2e9z7owedO/C4Mf4coMBpkhgaN+6L/706ddll9qb:2Hsq50WqlRlC4QBpMdT0slTKUTNuOi

Score
8/10
androidcollectiondiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      7d53b2d5255a0fab1c685e7f988cac3e_JaffaCakes118

    • Size

      12.3MB

    • MD5

      7d53b2d5255a0fab1c685e7f988cac3e

    • SHA1

      d2da0e0b92190383406649ba04a7a4947f2586fc

    • SHA256

      6f147d7da4a1a4595dd35774464741a00eddb3b5022c3cb794a059e1ab186f53

    • SHA512

      8a3f7421ff32f210eb6824012ff0ee987670c731c5d5b8fcba75ba9e9abc4218614fd6581c9209607a5ec202493506f60717d4beddbdf3c322a280c5a3cc1fe4

    • SSDEEP

      196608:Y5D26pDmV6zUKX2q5pqN+lqN2e9z7owedO/C4Mf4coMBpkhgaN+6L/706ddll9qb:2Hsq50WqlRlC4QBpMdT0slTKUTNuOi

    Score
    8/10
    collectiondiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks