Analysis
- max time kernel: 48s
- max time network: 151s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 15/06/2024, 02:56
Static task: static1
Behavioral task: behavioral1
- Sample: acaa5d82516d48ec1beb39d528624088_JaffaCakes118.apk
- Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
- Sample: acaa5d82516d48ec1beb39d528624088_JaffaCakes118.apk
- Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
- Sample: acaa5d82516d48ec1beb39d528624088_JaffaCakes118.apk
- Resource: android-x64-arm64-20240611.1-en
General
- Target: acaa5d82516d48ec1beb39d528624088_JaffaCakes118.apk
- Size: 1.9MB
- MD5: acaa5d82516d48ec1beb39d528624088
- SHA1: f532d72a837d24b89b83c63ec97ef29eb2f6425e
- SHA256: 2d560439776a0a4b4a87085762213e2dab9e0b5c8182836c4054d954be957c6f
- SHA512: 2a7d4e2cd766062d9d5968158b0c0aee8dcfa41440662e78be61a25d0fe96473eb2c546c30349011f40786514231cb0399c267d91634557c1d2a4acfa13f12b3
- SSDEEP: 24576:gVhZrwAxILwHjeR3jC4fXShWCy1YQF1fiW6yL0/ht5O1jEexTyzPu98LLUVWnNn0:chZrbjyJhXIWPT352/h3MTb0QE73ZLG
Malware Config
Signatures
- pid: 5031; Process: com.imangi.templerun.hack
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.imangi.templerun.hack
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; Process: com.imangi.templerun.hack
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.imangi.templerun.hack
- Schedules tasks to execute at a specified time (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: com.imangi.templerun.hack
- Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/cpuinfo; Process: com.imangi.templerun.hack
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read; ioc: /proc/meminfo; Process: com.imangi.templerun.hack
Processes
com.imangi.templerun.hack (PID: 5031)
- Removes its main activity from the application launcher
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads