Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
64s -
max time network
132s -
platform
android_x64 -
resource
android-x64-20240611.1-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system -
submitted
11/06/2024, 21:53
Static task
static1
Behavioral task
behavioral1
Sample
9fa750cd4ba71b5713883eb5031f1b0e_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
9fa750cd4ba71b5713883eb5031f1b0e_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
__xadsdk__remote__final__.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral4
Sample
__xadsdk__remote__final__.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral5
Sample
__xadsdk__remote__final__.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
9fa750cd4ba71b5713883eb5031f1b0e_JaffaCakes118.apk
-
Size
8.6MB
-
MD5
9fa750cd4ba71b5713883eb5031f1b0e
-
SHA1
60053d493feb0b2ae17b19fae112496dedb4165b
-
SHA256
b6d9c4c42b04bb365ba4247ce223ec551c608fe7997215c702ad4d2cf56fe565
-
SHA512
786555f7f804ee3394ecad4a7cb86198e9ac38cc7d55b85d01611d7f511041f701687e1ebc6eb15a7570633de53fff49d2b6ba95b4594dd4bb8420f70ce5f95d
-
SSDEEP
196608:g9BSjcO+XESTp+UIDGb6u0t3/Cl/hitZaDoVj1EcXk3:KM7++UI+6GaHEcU3
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener smskb.com -
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
flow ioc 3 alog.umeng.com -
Queries information about active data network 1 TTPs 1 IoCs
description ioc Process Framework service call android.net.IConnectivityManager.getActiveNetworkInfo smskb.com -
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description ioc Process Framework service call android.net.wifi.IWifiManager.getConnectionInfo smskb.com -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
description ioc Process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone smskb.com -
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description ioc Process Framework service call android.app.IActivityManager.registerReceiver smskb.com -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo smskb.com -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo smskb.com
Processes
-
smskb.com1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5000
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
556B
MD5c100114a79da80ede29a01d2b38ccd17
SHA123cfa2f225c35e27b5f8af7caf729f9e90b771d2
SHA25636029924a8a27f7bb13bf920e0fc38fc3c80bf8ddc19095d52e284909d893d0e
SHA51208d89b43716d8721643b32ab267271cf2a2a23a182616b590fd32b488de0dcd1cd24bf6a358e09f9d3b307e05bb877d3c40f8fd72660014134db9a78209ba47f
-
Filesize
245B
MD51c84fd39210a6275ec4b60046b7f930f
SHA1c70c51b80aaaf3331fe2c3c5488d4516ffe6c3f3
SHA25614175a6e5b73c8ea6404e490465281e728e7e5b862f9e30279cea6d9a4ce850e
SHA5127e71f89284ba252bb9e1101ca86d3e655ec3351e04eab410f45cd082737019abc8122a58c2855b6b99db182d2beef91b0556b60a3dcfc18af18ab291eba86ddd