Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    7ef152e998263addfb3770bb7be23f98_JaffaCakes118

  • Size

    30.3MB

  • Sample

    240529-awa4psbh44

  • MD5

    7ef152e998263addfb3770bb7be23f98

  • SHA1

    262a6d9ed3826815250fcbd2591a3cbd38f42edf

  • SHA256

    5f3d935de1f28dacd1090a4851c64d97e0300e6cf1c8f589851f12f319d7c938

  • SHA512

    5d10b9d3daa06445e983a68078635e510a10366dbff3eabe69a88e5ed4dc8b774738de7a230956d8bf43011a5671950ecd599293bdb66eac3e0a0eab5e4d13f8

  • SSDEEP

    786432:98yJ1bIC7/WRMpDoNAZZPVXsEyb7TueTz06hQ/ddhc:b1MC7/WmMAnPVXsbnTugz0bs

Malware Config

Targets

    • Target

      7ef152e998263addfb3770bb7be23f98_JaffaCakes118

    • Size

      30.3MB

    • MD5

      7ef152e998263addfb3770bb7be23f98

    • SHA1

      262a6d9ed3826815250fcbd2591a3cbd38f42edf

    • SHA256

      5f3d935de1f28dacd1090a4851c64d97e0300e6cf1c8f589851f12f319d7c938

    • SHA512

      5d10b9d3daa06445e983a68078635e510a10366dbff3eabe69a88e5ed4dc8b774738de7a230956d8bf43011a5671950ecd599293bdb66eac3e0a0eab5e4d13f8

    • SSDEEP

      786432:98yJ1bIC7/WRMpDoNAZZPVXsEyb7TueTz06hQ/ddhc:b1MC7/WmMAnPVXsbnTugz0bs

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

MITRE ATT&CK Mobile v15

Tasks