Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
72s -
max time network
149s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
31/05/2024, 08:39
General
-
Target
86676516144a25f6e6fa5441f3c9e666_JaffaCakes118.apk
-
Size
27.8MB
-
MD5
86676516144a25f6e6fa5441f3c9e666
-
SHA1
4c18c02872c6a5ce8b7a484efbf7cd6c169cfe0d
-
SHA256
12a1949dfe3e34358a15cc8384bc0dd87be8c1d145645f69a2f52689f01bf6f8
-
SHA512
7c33d2d92f8e8c02e95000d320e3718c291adae222ea26caee59c289f00ea8c1bdb1fe95c70f075dbaa01551e48d6062d1ccfcc2491f131dc117e576fb8fa847
-
SSDEEP
786432:7d+CaDVIkEppqZMqrZ3Br6NsxXFQb2Ksk4FgD:7d+CaREetW6hFEfTFD
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes
-
com.baidu.yuedu1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
ls -ld /data/user/0/com.baidu.yuedu2⤵
-
-
chmod 701 /data/user/0/com.baidu.yuedu2⤵
-
-
com.baidu.yuedu:pushservice1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
45B
MD5e3ee5234264cf26c15c42ac7c5cd5a52
SHA1938825f170d9137bce0174c6b0b898a548075f85
SHA256ff6d890406a31f7ee610a8a1b9b28a297ea4cdd5af21e292299c24e7f2f88172
SHA5127d37de7ad62aa3fc6d593f76eae1fceb9c8fdbbde1831d9d9275f803fc9a378c28dc73805d91894cbbe016cc3d66c2bdec61d2861024bf24a0ca75cb09a2c0ea
-
Filesize
512B
MD522f6af8591c5ae9d0c8a390e59ac1f73
SHA1b9511d9258f6d9c7be50064bfae9cb6334ef75f8
SHA25654cafc2fd77854a1a4416c8b2751d18c81ab6b824182533c7a4a0d5d2cd12799
SHA512583217e124341c115809187eef06d93d39edadb0732200cbf413e1747d7b4406e67090d46acbb470110a65ac199a86b729c3d46834974bac9c5e5b6c17487bf8
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD552ee9718c9c0a9e93bf398ed32c66298
SHA135ff9dff62a21488a5d4dc6cf11dee58d08d76e9
SHA2560e91d2aba09e65bd768c4141fa2c89f65184618b08e50bd18b75d03f69aafdc2
SHA5121e9040841c7a54204469c5239a85c71274dc6aeb70b51a3881a8d67ba48bfa74e2618ba4eec1973a28c34b574c89f5aa16cb6f1114984022a6dc08b1eae8d577
-
Filesize
28KB
MD5cf845a781c107ec1346e849c9dd1b7e8
SHA1b44ccc7f7d519352422e59ee8b0bdbac881768a7
SHA25618619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7
SHA5124802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612
-
Filesize
40KB
MD5e436ef5585665d0d9e01364f7975e994
SHA14f7f5ccd52158f605191b151c7a83603a4540532
SHA256775a99906679131968d7c58824ddd669319da8c9bb787cb09b67b9ec37748833
SHA512c40cbaa2e238cdb6b6b0aa8ca55b4449916ae6dfae82c746d06289a442f27b3d80c79d02d260d3adae9d660989c92be9b60da63adab427c5fee5d68aa0c6d54c
-
Filesize
512B
MD54731cb0cc9cf4dfd13b5e2f64257badd
SHA10a6bcff28e2dede9822eb69b12c52feb10cb30ff
SHA256e13b948c82e3b1d8f4398488e8cb938a0ac1dbaae1619c35e5a3724eeaa83c2d
SHA51276d647a017216f9b376f89a4af221a0bed0923b5d75f3e8028e24e708c959c71ae3d64c922833cfd9d76244feaf6881a6346b236e905d3ef4333a287dcd2f78e
-
Filesize
40KB
MD52d033954eab3215dcb6d7c47c27c56ed
SHA1e4c563af6e1e2b23bb52b634fd466b0446ce52be
SHA2561ff3e219467fa2a845a40a20cbce3d168cb159c22910641c01ddd518a36e13b8
SHA5123125f6c399d9a9f4813f1f06981a654dab36e6d5281d2e3ecb8b57eae955f61bfe8002485e88b3a99614a40c57234296e883b12cdac4080a166e7def5afc415c
-
Filesize
148KB
MD5cba3c24678f0f302cf69a49dba12a933
SHA10e84fb7ef2d816e6d6b9db9bfa50e74ab34d5d26
SHA256bf697d2149982d2353531ea38aedf1ea6e516451f0b0a8aedce564b319283eab
SHA5126c92c4af797ce2f6b343de9d94fe6cf21328539eb0710121ebc221c16bd86f7980f73a05e88cc020b2cc2ccb58dfaadbf1594d65eb3168c66ee74331730b6618
-
Filesize
512B
MD52f7876903c822b14384f9f9374d85eb9
SHA1a580f13bfbab04cbdbeae9863de735f6eeebce05
SHA2562b1bd763765ac1a37ba718f27b31ef8da9000b4adea572fa9f5264794105e383
SHA5125090346f565ca6c375c061a70fde58fcb19bced0f953c2134eda563e91fc86907f64f961bc8ebdb1c3d15179c9255a577612ba317c124c3464696135f88748a5
-
Filesize
120KB
MD5ed584dae366896a3b65c1d21c07db9c2
SHA10ce0831bc13f003783ce5fbd09fbc2d128531d8f
SHA256fc21080df3dd5a03ece1bd2e7ff27209b053ce28c9fd6cff2e15c5616bc6603d
SHA51231bec9fbb020361df6f883a842daa715f8ca52538896784cddd2d9c7950e99643448e619ec3a18c059f33be79a9087d2a3d169f6e022132946e959bfd6d48a95
-
Filesize
90B
MD5a907d1911656f11575bd8e02021594e7
SHA1d090a195716962eb3fd092eca2120e84d5b95cfa
SHA256373ac955f6d7f17046acd8e342b41b9093570dd127184380c2cf0bf19dc17ebd
SHA5128536f41f25cf6370a967f63d9d4cad47fae7982e9dacc945af6632c3d564601f83a02855062c7b179727fba75539706aa0cc96b127c59db86b9c7e6133edc665
-
Filesize
512B
MD51d88f03129b868bd4fcdc3981efe1e45
SHA1192105d72eacd6c68bfd8d616e86ea5d7b8db538
SHA25668c9ba9493024af25b1164ae5280d4edadc2f42449cbbc70753074e69a67d66d
SHA512495155c6583991d60dffd3efe72ef98b2ec076849499f5ccf8b481326baf258b72e4d39985ec7490814a866d976701c2e8fd9c26997f2ea790a7e7a6d9d9c383
-
Filesize
129B
MD50198d8fcccbc9053db20591886f43c2c
SHA16c46de414d4a0a6553a5f97fdc78771fd6dacc79
SHA2567206bce1b1a8be9f85a85f389491d17f5e8be61d01bef1454dfd3aef1c727222
SHA512babb53275f946019cee0b01b06b583611e4333461c059e9e83958202b07506ba8b3a6fac80fc2ea7f168def32c3f3641313b4e7fab64d38d4d66f50191d99e26
-
Filesize
277B
MD5ba8b1cf4b1710025b888e10d8d14548d
SHA11941834070e5bf91295359e2672e2cc7235b3605
SHA256b5ff63e87216000c5493e3d61324af8bd86c46c601d90ca72d953b1bffc853b7
SHA5124b76946060fe9cdd58a20981590977339f78c86a7b7be24c2d730c6f5abaa98249f2990a07b0de083727634657dd5271d8d55ffcc02c15d291888de2d3333bd9
-
Filesize
444B
MD5829cd89538a4ddb0f6d42da491f67598
SHA11c791aa783c5ccfc6f858648fc15c27eb1d879d6
SHA2568905ca16c74cfacc7105a2da977b417bd016bfdb09a7241211d04c9adc5b7ded
SHA5127f658fe129e0825a66a9aeef7b95e890caee43de522fb39c37ad247435a7388b9f410159f54e401699ba30006e3645c8d35ccc7c549a6e4284bb1b2bae8debed
-
Filesize
78B
MD5c6741044cd3b0ee5a65942e531cbcda0
SHA17c15bf94e76d8ac37949a06e312c288433aab73f
SHA256c1305acc849145264715a1e2c871b15068cc46ed0338c8e9da954312700f0bf5
SHA512313ad3289643efd5fe232c8a10186c6ca500d23d90c594cbbd8ff8e99a1d07dc509861e87591dbe971da270da67da931f6f33f379efa5ccd0b95cafa1cfc866f
-
Filesize
128B
MD51f4642859db5250c0e39ee3b458ae377
SHA1169ddac18344be821ceb803f1a525c8032ee404f
SHA256962ae93c73d99860513afacb5fcc0a3c226b53250e0dd291c8511ed8af348094
SHA5125198b9efc509d1e273d5637cd0739a65c644be63cdded45424cdacb9a1730d70d9ebd53d3651ec4e5bff22072ce8595dadabadb77755ad3958f8ee2496eb5a04
-
Filesize
32KB
MD5e7b744196da1f40dae20b6d275c52798
SHA13c481a32fc8241deedf69f9518c49f11744d7e1f
SHA256bd07e1bc9657b87d6a45b5aa7a83b33ea075f5f571d3b5fe3e20f9213fac67aa
SHA512790c0e1f1aa5136638145e91a968556338f160d8950a17782aa703865390ca82a5184300c22197ecc2b288ed53ebdb477fe54666ae662b803a533a2c1c41cb5b
-
Filesize
129B
MD5dc114421513ed521db8949bfeff89e87
SHA12a0ffb1b5e7e533a373aa2555ae447068c7ce274
SHA256bfd77332547ad4a3fd54abe7f8ace854643cdb2c9ea9e1f8bca550577319c559
SHA5121303d9b3084615242b54758f73c1358f649a1050d55777a4e4ba0257007529d2debc17492ce97aabeb3374050e46260b20b747b95b598bd9ed89a345d34791b6