General

  • Target

    7d549d3b29ee96b3582b050a13f8d8b2_JaffaCakes118

  • Size

    25.2MB

  • Sample

    240528-r2pmqahc3v

  • MD5

    7d549d3b29ee96b3582b050a13f8d8b2

  • SHA1

    4c6bb894ae953cb8a5718bd9183b8cea5458f732

  • SHA256

    c72748388024bc9b58ecdcef039618b8ea08494d5985c46417080d9e60dd9382

  • SHA512

    a993ddf08e7d18aebaf3e3dd435972e4bc4f6e3b7d4fbb90d8fb4327622f8f8b0f97048fe8b57a36ec669121d02e34e2a3b23abe9a26f04ef0f6a3172b01d0d2

  • SSDEEP

    786432:0RtofUF3TJ4Jv0JotT0OC8o201Y1fpR5q2Vr1:07oMF3GJsJ2T09t8TAM

Malware Config

Targets

    • Target

      7d549d3b29ee96b3582b050a13f8d8b2_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    • Checks the presence of a debugger

    • Target

      MacroDroidSystemHelper.apk

    • Size

      308KB

    • MD5

      d2c8fdd0212f24ac2fdd5781b9744f21

    • SHA1

      a6be4ef5fa28df30d3f8d6efd8adb062ec712ad5

    • SHA256

      56c23a6fd5b72cfce11ff445d8470de888bec9f07dc7a5110ee825047001d78e

    • SHA512

      1c6b61cf7134b550c7da7430816e3950545c9af9de1d521954b35872563502201871e48ec90383d8832e37bd4baf6f4268bd3174aae12ab47b7fda552da31221

    • SSDEEP

      6144:5epAtzqrBk+7p5ZbT66t6IuM3IjCsrgkJPKiZ1w3LKVLDXgSdB1xy:9Mz7p55o4MwkJyi7iLKJxDny

    • Score

      1/10

    • Target

      MacroDroidSystemHelper.apk

    • Size

      152KB

    • MD5

      ac35cf6e88610191f73e77520a42d233

    • SHA1

      17d8c477029bae86d4314fddc2e4aeeb8ee68fae

    • SHA256

      3d3b532bbea1db2ef2926dcfccd787d327fe099a26f7a0b8a7c5d5ea157f210d

    • SHA512

      72db045244b366dfe06b2e821be63346be04eae132bc6b61b218d9fb3c06a80585dd6dee43aab60b5ab7a475bc692f6a20936410ee23c39620409a08a5bf7efe

    • SSDEEP

      3072:Io3PWpRfELU2zvqrMCD4+xjdp5ZcoT6lst6zwSAuUpcbRiLIxpCsY:depAtzqrBk+7p5ZbT66t6IuM3IjCsY

    • Score

      1/10

MITRE ATT&CK Mobile v15

Tasks