Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

d10f2dcc25...18.apk

android-9-x86

8

MiGameCent...ce.apk

android-9-x86

7

MiGameCent...ce.apk

android-10-x64

7

MiGameCent...ce.apk

android-11-x64

7

unicom_resource.apk

android-9-x86

1

unicom_resource.apk

android-10-x64

1

unicom_resource.apk

android-11-x64

1

mimo_asset.apk

android-9-x86

1

mimo_asset.apk

android-10-x64

1

mimo_asset.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d10f2dcc253e582f871a04495f731123_JaffaCakes118

  • Size

    28.0MB

  • Sample

    240907-exh8xsvarm

  • MD5

    d10f2dcc253e582f871a04495f731123

  • SHA1

    51b08b58ecab1bfc2f0eef18c2d2a9656bd8be51

  • SHA256

    e9b954d5d482de2a81c6608f9bc48151443554d8ebbe6a1828fd3abc7682e31d

  • SHA512

    c100131b973878984c492497ca610a75cc47d8d25471390e7d35a91244961b952d52f0aed3f9830bb36cc7bfe61f0102dcc8f713470af9167a95a0741c63c9cc

  • SSDEEP

    786432:SCvQNIr0B8lvyvtFf14ShD/B6igsg9It+T6/KG7k6:SC5YOlvAFnTsiBtz/Kz6

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      d10f2dcc253e582f871a04495f731123_JaffaCakes118

    • Size

      28.0MB

    • MD5

      d10f2dcc253e582f871a04495f731123

    • SHA1

      51b08b58ecab1bfc2f0eef18c2d2a9656bd8be51

    • SHA256

      e9b954d5d482de2a81c6608f9bc48151443554d8ebbe6a1828fd3abc7682e31d

    • SHA512

      c100131b973878984c492497ca610a75cc47d8d25471390e7d35a91244961b952d52f0aed3f9830bb36cc7bfe61f0102dcc8f713470af9167a95a0741c63c9cc

    • SSDEEP

      786432:SCvQNIr0B8lvyvtFf14ShD/B6igsg9It+T6/KG7k6:SC5YOlvAFnTsiBtz/Kz6

    Score
    8/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Requests dangerous framework permissions

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      MiGameCenterSDKService.apk

    • Size

      5.2MB

    • MD5

      f32ab0ab2ed58691ba1f4fbd46be3506

    • SHA1

      89b2abe5a52714b55e7a6b5245f786f7be6d23f9

    • SHA256

      25ee37926cb10bf50f51ce817513059ade7ecbdf589142ab05e56ee2dcc94fd2

    • SHA512

      a75e0a12d1c216fc528577d1ef52d81e597e259f114ca8fb2af8fb9329cad1c86636408bb55b9bb5bb08583df96615f54590c142a8a736f9a089e322aa890e46

    • SSDEEP

      98304:ayrBRZZz1VGiDp05BrS0FTS40PY7lzYga7qYcsnsnEX/n1PI3:H1LZJ/pmBrBS45lU7qBssnEP+

    Score
    7/10
    bankerdiscoveryimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral2behavioral3behavioral4

    • Target

      unicom_resource.dat

    • Size

      45KB

    • MD5

      b7b9f657da1f868a6b321dc2e6761eda

    • SHA1

      1f6a3a5f6af9ecabaa4018f747988cda7b60ca6c

    • SHA256

      a491c5e41b81127ff86d9ac9a5c23b3c63a026d5ea2e464a1d615e3b0225c1b9

    • SHA512

      5bb939512d4c4403896c87922974b99bc60755f7ee2a3840c5faeffd146b4dee97e089f808b3df25fa3041236ef1f63c78dd4c4383c0ab8e734542638033b003

    • SSDEEP

      768:foUlrwIc3/D+PM9pdN0KIv+ciFWAkEsDVop56mAlNZ6B/pEBTb7PZ6dkB1VXN65R:foUJwIAD+Cpd6KZilNZ6B/pgH7x4kB9A

    Score
    1/10
    behavioral5behavioral6behavioral7

    • Target

      mimo_asset.apk

    • Size

      300KB

    • MD5

      bf0be21e40885f5f682349db415ba2f8

    • SHA1

      823bcad773983ab798565f7b64b95783dce14d80

    • SHA256

      aca4c8f0522c09a77bcc790b10c772611525456cc88da97b0240ffdfe1c4a2eb

    • SHA512

      3c837718ddcc19885e00d54f9b7c336d83406571affdf64411e85a1ca317d67399e1cd56c5472a725568897dcd45bc5d94b87747be72b15e37e565034544be81

    • SSDEEP

      6144:9iUeeinlRr2M1qqdRT6y1hw7ayIaTAEQKmAxAJU8wgKZ/sCtY05:sULiXQqdUOEzUTKA95KdJY05

    Score
    1/10
    behavioral10behavioral8behavioral9

MITRE ATT&CK Mobile v15

Tasks