Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

8eadeb05c0...18.apk

android-9-x86

8

8eadeb05c0...18.apk

android-13-x64

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8eadeb05c0ffeaff2852e024afae4de2_JaffaCakes118

  • Size

    5.1MB

  • Sample

    240602-trhsjahc36

  • MD5

    8eadeb05c0ffeaff2852e024afae4de2

  • SHA1

    401ad561d9dd73839dfef06984cc8031f5f107ee

  • SHA256

    e627c406e9873ba476b7aa80cbcc2cd7000d66712e74cf164effdbe287f30e89

  • SHA512

    33a8baf1382a11fab8b46c21a2fd0ba87fa870e54740ae83fa2c14f9cea1789a0033eb898db7cc2c9569e859f6e26ec44e104d21aa9222882ee81e9419444a64

  • SSDEEP

    98304:7WaMOc421jhgvl4Coo/oCDlC98NtE41M+eUjaCVRoYtdwV2n6ji8Ug6:KaYLggoHmkt82rZAV7Ug6

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      8eadeb05c0ffeaff2852e024afae4de2_JaffaCakes118

    • Size

      5.1MB

    • MD5

      8eadeb05c0ffeaff2852e024afae4de2

    • SHA1

      401ad561d9dd73839dfef06984cc8031f5f107ee

    • SHA256

      e627c406e9873ba476b7aa80cbcc2cd7000d66712e74cf164effdbe287f30e89

    • SHA512

      33a8baf1382a11fab8b46c21a2fd0ba87fa870e54740ae83fa2c14f9cea1789a0033eb898db7cc2c9569e859f6e26ec44e104d21aa9222882ee81e9419444a64

    • SSDEEP

      98304:7WaMOc421jhgvl4Coo/oCDlC98NtE41M+eUjaCVRoYtdwV2n6ji8Ug6:KaYLggoHmkt82rZAV7Ug6

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      185KB

    • MD5

      61d382a27900ed2d4cebdf457267f1e5

    • SHA1

      f80ad366ab26348f6a34087363ff1ca2d2d5e993

    • SHA256

      820eae192b97f58efec7165398c08125315a15bf474695fe68ff06f19c9cdd00

    • SHA512

      0dbf43014c0f4b8485e3345d6e1521485099d6e91ad585b25ce349aaff36e8c7a3db88b73d27db6fecf20dfd962b4d41708791c9a18aed39d86c05525d5c3217

    • SSDEEP

      3072:7JH59twK9nIvYAAj5P1CNiq3l4QVacCZ0eqTMeipL43j/y:7d59HJIXcYoq1BMjJ8Dy

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks