General

  • Target

    d02cd2475c7418bd8539d8c8198b0a55_JaffaCakes118

  • Size

    5.5MB

  • Sample

    240906-wylh4s1fqh

  • MD5

    d02cd2475c7418bd8539d8c8198b0a55

  • SHA1

    ca656c1ba88c9f59e4f5a569afddb02e362e8e9f

  • SHA256

    f197992e20bf5231d7ac883a1a81464e4f285198e1bbee73ff6de391c245b28b

  • SHA512

    bc4c599a2e0d4f327c9d6c942f61b0087a2c3b5369b4bfb023133cd9e426a3ab15dad334dff56c33570b621d1c3e77b50eb9fdf422cf1defe9af15999caab2b6

  • SSDEEP

    98304:ncEFTxe1kDQcHNl+FKG066mZtkHXYX96icSUboW9xvojJ7vCRXwj4vvFh2Bp9TSA:ncKelcHP+DZWYXcWWfAjJ7qZHvvv2sNq

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

MITRE ATT&CK Mobile v15

Tasks