Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

723a6b7ea3...18.apk

android-9-x86

8

723a6b7ea3...18.apk

android-10-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    723a6b7ea3021741277e081c6acdc510_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240726-csmpfazgnp

  • MD5

    723a6b7ea3021741277e081c6acdc510

  • SHA1

    54a0ac7180db6d1bfcb6ecb342efcc2ff1556f4e

  • SHA256

    59e8210627dd8a2e9ab4b5de89c50de815aa42fd01a30bf1d8a4cfef6d6c6df1

  • SHA512

    5cc3afd063afb5c41b96d0fb44b66b600a87bc857791a32d2af8a072c3b709f2032356c12ff46cea405deab0a1d02e1d9ae5c730befe3250d58a9e63e5be855b

  • SSDEEP

    196608:TtuReyM+79GhUWkD80WhDokXEtMtSLnCxyPo6IEIv1OWs/QjJ:Zu195GaDDyXXwMtb8PJIEI3z

Score
8/10
androidbankerdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      723a6b7ea3021741277e081c6acdc510_JaffaCakes118

    • Size

      7.9MB

    • MD5

      723a6b7ea3021741277e081c6acdc510

    • SHA1

      54a0ac7180db6d1bfcb6ecb342efcc2ff1556f4e

    • SHA256

      59e8210627dd8a2e9ab4b5de89c50de815aa42fd01a30bf1d8a4cfef6d6c6df1

    • SHA512

      5cc3afd063afb5c41b96d0fb44b66b600a87bc857791a32d2af8a072c3b709f2032356c12ff46cea405deab0a1d02e1d9ae5c730befe3250d58a9e63e5be855b

    • SSDEEP

      196608:TtuReyM+79GhUWkD80WhDokXEtMtSLnCxyPo6IEIv1OWs/QjJ:Zu195GaDDyXXwMtb8PJIEI3z

    Score
    8/10
    bankerdiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      evasion

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks