General

  • Target

    a32fb8426ea55fd3017270ef36b7a987_JaffaCakes118

  • Size

    13.1MB

  • Sample

    240613-az6psa1dpq

  • MD5

    a32fb8426ea55fd3017270ef36b7a987

  • SHA1

    204c28e93363da1a93e47528e69d958b7448bb85

  • SHA256

    68e813f6861c8e83e201091c0b282962b0029cd7703b30e19f8a1e31567f9c5c

  • SHA512

    f495daa2c8a2f51c4261eb3a737c757ce8baca308c7fa7935944ab48696e3d1b943a2b8c8bcfd977c242efa008f486f7d26fd1a69b40054f8689ea3b13edf51b

  • SSDEEP

    393216:i1/AHLYT7wyFByUatGjy//ot1ItRi/4MX:iRAHsT7wyGUatE1UfMX

Malware Config

Targets

    • Target

      a32fb8426ea55fd3017270ef36b7a987_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Reads the content of photos stored on the user's device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
