Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d2d0a486fe9d8e76fee51461f3604dc1_JaffaCakes118

  • Size

    12.1MB

  • Sample

    240907-znc1rsxblg

  • MD5

    d2d0a486fe9d8e76fee51461f3604dc1

  • SHA1

    e364d8ba23818b08446c62ca74a7609b8ddd9d89

  • SHA256

    159e969a3033801b26b6d0c69e283647a44093969f3d11df0c311c36ed63a952

  • SHA512

    9cde0c858b4e7a719aefdaf2f1315c8dd414cdeedac07cca21dab8f52312b6b9a0892b2253e437dd56e137eeb25d7145b56c4e3faf0ddde7a6aa52664c80a919

  • SSDEEP

    393216:SX/o94NEJdONS6PFDXaw6bf9RyKCb+6zP:m/oq46NDXaDzryKd6zP

Malware Config

Targets

    • Target

      d2d0a486fe9d8e76fee51461f3604dc1_JaffaCakes118

    • Size

      12.1MB

    • MD5

      d2d0a486fe9d8e76fee51461f3604dc1

    • SHA1

      e364d8ba23818b08446c62ca74a7609b8ddd9d89

    • SHA256

      159e969a3033801b26b6d0c69e283647a44093969f3d11df0c311c36ed63a952

    • SHA512

      9cde0c858b4e7a719aefdaf2f1315c8dd414cdeedac07cca21dab8f52312b6b9a0892b2253e437dd56e137eeb25d7145b56c4e3faf0ddde7a6aa52664c80a919

    • SSDEEP

      393216:SX/o94NEJdONS6PFDXaw6bf9RyKCb+6zP:m/oq46NDXaDzryKd6zP

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks