Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

9b3224782d...18.apk

android-9-x86

8

9b3224782d...18.apk

android-13-x64

7

gdtad.apk

android-9-x86

gdtad.apk

android-10-x64

gdtad.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b3224782d88d8f311cd7e331263f45b_JaffaCakes118

  • Size

    29.3MB

  • Sample

    240610-s5p84a1hpc

  • MD5

    9b3224782d88d8f311cd7e331263f45b

  • SHA1

    5cc902ffa7882f99d7c7e627827b410505ebd3cf

  • SHA256

    cbb52bf1476d865a7a8ba167868ba116a272c5d1e5f967422a0f8ab8645d07a6

  • SHA512

    33432888e4ecea005f606243f68cbd987b2831f7e67c429105e12e39d978aa4e43504021980363b88a5d46168541761102bcf5968b4faca6e1bc0ff7257bef77

  • SSDEEP

    786432:Rro8eMZcJQIReyBtSu8CkZT7CkvOAmKtFjpem+SJUnAyUQU:u8eMZczZ7qJZvJvOAmKtHem+SanoX

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      9b3224782d88d8f311cd7e331263f45b_JaffaCakes118

    • Size

      29.3MB

    • MD5

      9b3224782d88d8f311cd7e331263f45b

    • SHA1

      5cc902ffa7882f99d7c7e627827b410505ebd3cf

    • SHA256

      cbb52bf1476d865a7a8ba167868ba116a272c5d1e5f967422a0f8ab8645d07a6

    • SHA512

      33432888e4ecea005f606243f68cbd987b2831f7e67c429105e12e39d978aa4e43504021980363b88a5d46168541761102bcf5968b4faca6e1bc0ff7257bef77

    • SSDEEP

      786432:Rro8eMZcJQIReyBtSu8CkZT7CkvOAmKtFjpem+SJUnAyUQU:u8eMZczZ7qJZvJvOAmKtHem+SanoX

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      gdtad.jar

    • Size

      75KB

    • MD5

      7068fc92af9e6dc686de8924e174180b

    • SHA1

      e8c47cb6f40b058b96bc5ab1bbff6a0a1a2adf2b

    • SHA256

      8b759e7358f706522f51d8774d38f264e13bd62dd49b1825b0ca7dfcc0c9e299

    • SHA512

      05ab5cfb9df4cca02c43bbc81a8e8b10469dd27604d487591fe15d3620d8623bb19d30af9607430e0a73fd04df02ffbf551f5c1e58af24293f681c928395aaa0

    • SSDEEP

      1536:P3AK+z0NSabIMKCxTEGDpCrLHgOnAOxyZV9r4L8fHROwbY3zZJYgwxx+p9/3:P3AKZNSafTrNkLxn36VVfYwbY3zZJY9W

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks