General

  • Target

    8da944f74aebdeec26b05ceb37ff0d24_JaffaCakes118

  • Size

    24.3MB

  • Sample

    240812-g7lsxatcpe

  • MD5

    8da944f74aebdeec26b05ceb37ff0d24

  • SHA1

    3d94bc5ed196ce1e253a301fd625013bd86561cd

  • SHA256

    4e504f2bfc5c55253613dc091697c9e906aa833d8c681b3beb18c3e21600afbd

  • SHA512

    28291de744ff48ace18e7ddaf4206171110c5306f185ce1a506b15b2260c6cd2f4239476acfaf7028ebd166890e7a179428f166321c1bc6852357ee87b7a5a95

  • SSDEEP

    786432:SlNADTdfS6ol6nzSofe15izq/yM5d0+phbh:SlNA3k9lOmoql/yM5dvhbh

Targets

    • Target

      8da944f74aebdeec26b05ceb37ff0d24_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)
