Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

9b105aa612...18.apk

android-9-x86

7

Analysis

  • max time kernel
    48s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20240603-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240603-enlocale:en-usos:android-9-x86system
  • submitted
    10/06/2024, 14:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b105aa61294f3e8d176e5f7b5545d37_JaffaCakes118.apk

  • Size

    2.7MB

  • MD5

    9b105aa61294f3e8d176e5f7b5545d37

  • SHA1

    27430cf7f26f58348a5e13fb86b4275636a2f08d

  • SHA256

    0c6beb92c668a4529e8291d6b7de5c7bebd4c58cdd14a3fb56fddf3f411609e3

  • SHA512

    15c1ed7a5ff66c6781ef2bb52ff423a9cf4487b44b9ade5e58b7fa9fcdcc534ca08fd56b0d638beaeec6dd28d6f7a06203c57705275eb042b6bef839107ea922

  • SSDEEP

    49152:FvNic1NfdMLlktAoxWCEOC3tGyzjURBos3/neBZs0aIKeDOWtn5Xg56mKP4Zxd:F1BakAoeOCk9Bp3mjAluO28ci

Score
7/10
bankercollectiondiscoverypersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

    collection
  • Reads the content of SMS inbox messages. 1 TTPs 1 IoCs
    collection
  • Reads the content of the call log. 1 TTPs 1 IoCs
    collection
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Requests cell location 1 TTPs 1 IoCs

    Uses Android APIs to to get current cell information.

    collectiondiscovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.ss.squarehome2
    1⤵
    • Queries account information for other applications stored on the device
    • Reads the content of SMS inbox messages.
    • Reads the content of the call log.
    • Queries information about the current Wi-Fi connection
    • Requests cell location
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4280

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.ss.squarehome2/cache/searchInitials
    Filesize

    2B

    MD5

    d751713988987e9331980363e24189ce

    SHA1

    97d170e1550eee4afc0af065b78cda302a97674c

    SHA256

    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

    SHA512

    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

    Download Submit

  • /data/data/com.ss.squarehome2/cache/searchInitials
    Filesize

    61B

    MD5

    a94bef79ad1e17d0c7f12e67566c692a

    SHA1

    8adb6e0de3c3f4ff42a3312f1737cf9c3613e8fe

    SHA256

    918c9bafdb5fa8e9dd2ad087032d31f851f489ffb6bd0f38aa3ecdad3a7b94fc

    SHA512

    f5db6b053dc512e77dcaa704af10e2785b2fa1bb04d4e76951298d3241696faf6a838eaa3b32c7d13f884c3b136f3a15f7d84012d028d4911e748c2759fa5afe

    Download Submit

  • /data/data/com.ss.squarehome2/files/series
    Filesize

    15B

    MD5

    373061b8e820310c891e3ec0ce3fbaee

    SHA1

    2e4ce0670c32331bbef64b8b1eb1fd9316ab2401

    SHA256

    7fdc7a44ef191743dfe97b5f84208ab284b1eba7c5b0884c281536e8e69b9f67

    SHA512

    8a37bd9de3b6e080a84244c1c4a5417e0bc72191777d543e2985a79ed48807369339ff696a1ca4893c83422eb1df1d4a1eaa2902f3811fd2465848f02ad538bb

    Download Submit