Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

aa17999291...18.apk

android-9-x86

6

aa17999291...18.apk

android-13-x64

6

Analysis

  • max time kernel
    34s
  • max time network
    128s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    19/08/2024, 07:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aa1799929144e9266156a68b4e3d1a00_JaffaCakes118.apk

  • Size

    6.0MB

  • MD5

    aa1799929144e9266156a68b4e3d1a00

  • SHA1

    82e122d1a1f86d7fc2c35d0ba0324f374118604b

  • SHA256

    56cd7223b0455aa168a5a5b2979aa19a4ba6be7503603c0d4c965fb67f2faaef

  • SHA512

    4817ebd1e6067c7d7d111750f43404a6af499a086d7df10166feffd5e3714cf4f8e307ae3ce9e2fce237b4b52b15ad5f6511037cb28329b3e403e37745f4339f

  • SSDEEP

    196608:7tKW5eQM0ET/Vyd+ho4GYEzFDyaol3M0Bz:r5DM0ETodh4oeawvp

Score
6/10
discoveryimpact

Malware Config

Signatures

  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact

Processes

  • com.mojingou.visa
    1⤵
    • Queries information about active data network
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4250
    • chmod 755 /data/user/0/com.mojingou.visa/.jiagu/libjiagu.so
      2⤵
        PID:4276
      • chmod 755 /data/user/0/com.mojingou.visa/.jiagu/libjiagu.so
        2⤵
          PID:4333
        • /system/bin/dex2oat --instruction-set=x86 --dex-file=/data/data/com.mojingou.visa/.jiagu/classes.dex --dex-file=/data/data/com.mojingou.visa/.jiagu/classes.dex!classes2.dex --dex-file=/data/data/com.mojingou.visa/.jiagu/classes.dex!classes3.dex --oat-file=/data/data/com.mojingou.visa/.jiagu/oat/x86/classes.odex --inline-max-code-units=0 --compiler-filter=speed
          2⤵
            PID:4355

        Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/com.mojingou.visa/.jiagu/classes.dex
          Filesize

          4.5MB

          MD5

          8ef3b8b2f12196bfede52dea173ed91e

          SHA1

          dce247744de9f5eb7a1d887806410c32d5b0b40c

          SHA256

          49d63b8a2f2fc8e6804677e5064e2a704239a90d1c3cfff9f175869041ee8bc6

          SHA512

          dfe3159c0717b0b413b3d36fa703882ca799d10aee653cfebdd2f9aea295a6edfcc4ac0360b23f0b09ffd5e29a01e3040cc7959a25ba78c429489783645848fb

          Download Submit

        • /data/data/com.mojingou.visa/.jiagu/libjiagu.so
          Filesize

          363KB

          MD5

          acd3a64e22c56dc0628edd7615a74ab4

          SHA1

          ec22ef7fa9dca4b475af2724d483bda140370ca7

          SHA256

          c57cffd4175fcd618f29d48eeba1b8b30e2bfd4ce9e05c6c5b0bc4378914d008

          SHA512

          ec93027efd827742d3f9db70c4d4aba51e817191ff888aa2337939f2ce518b98f1c1f7ed3d49d25d3bff47738f68ead6348b1b309c54a17e18c4460cc2142e3e

          Download Submit