General

  • Target

    d528d5b1a22504b83d91bae233ab586a_JaffaCakes118

  • Size

    26.7MB

  • Sample

    240908-1wbncaxdkk

  • MD5

    d528d5b1a22504b83d91bae233ab586a

  • SHA1

    07433d49a2b386a9620ee8216962cac30e597fd9

  • SHA256

    962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f

  • SHA512

    9523619f3c118e1ce97533cf3f187f292a3462f4b2810caa9a7653dd63073ee2fe6c84f3d1f3955705a21c111b4362431c08aded6703b0b484fd8685f5cb49eb

  • SSDEEP

    393216:kmoVFh4rF0BtHpEsOehoty2EYSuYHrRyNsnBHpDAhknwV1J77IkD0d9cVA:kXFhm0LHpwec4HyNOHpDhnwVfWd9Z

Malware Config

Targets

    • Target

      d528d5b1a22504b83d91bae233ab586a_JaffaCakes118

    • Size

      26.7MB

    • MD5

      d528d5b1a22504b83d91bae233ab586a

    • SHA1

      07433d49a2b386a9620ee8216962cac30e597fd9

    • SHA256

      962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f

    • SHA512

      9523619f3c118e1ce97533cf3f187f292a3462f4b2810caa9a7653dd63073ee2fe6c84f3d1f3955705a21c111b4362431c08aded6703b0b484fd8685f5cb49eb

    • SSDEEP

      393216:kmoVFh4rF0BtHpEsOehoty2EYSuYHrRyNsnBHpDAhknwV1J77IkD0d9cVA:kXFhm0LHpwec4HyNOHpDhnwVfWd9Z

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      unicom_channel_resource.dat

    • Size

      28KB

    • MD5

      af566108ab40330c1c97f8c54fae3c83

    • SHA1

      6754244194eeed6aa426105563797b93852d5406

    • SHA256

      3e1b5149777df0b31e00c53e3d0a7bc7b8041299ff44ae28e14a843e3ba24c6c

    • SHA512

      115c32bc47c49e94bd9ce28ed579ba461dfe29aa3b6fc869d1810b61de84eff399f53570fadad08dc95316b82446e3e4b696913db71edf4c133e62e323b8c359

    • SSDEEP

      768:vgmYNoDKahCyhzLEXiFWAkEsDVop56mTCZbOnih:vCNCKafhf8gih

    • Score

      1/10

    • Target

      unicom_resource.dat

    • Size

      110KB

    • MD5

      31fbb28feeef6aecc7fd4c74374bb71b

    • SHA1

      c3d83ea4e6f9e490efac6ca73db3ba314da1b6c5

    • SHA256

      5d60f1abd1dd0ee3761dffcb27c36e6a538bf7e28f5c208e8d74d2394dc42b67

    • SHA512

      e7e9563840836973153fba6f11c7d1a5b7066680d4f23194328b8ebae64924bc510d5a604adb62584824d5b6e528bd207a785f52be75395587d6a3341329a7b3

    • SSDEEP

      1536:7amaCvrgOZgdG2az4LnyH25aU3/k27yluevqIJwzqvl2PSZ63:7jrgGSGIjM25a2/luAIJJFk

    • Score

      1/10
