General
-
Target
d528d5b1a22504b83d91bae233ab586a_JaffaCakes118
-
Size
26.7MB
-
Sample
240908-1wbncaxdkk
-
MD5
d528d5b1a22504b83d91bae233ab586a
-
SHA1
07433d49a2b386a9620ee8216962cac30e597fd9
-
SHA256
962cd44167327a1e65201ef3ef151fc5f6134daf63a579a754b8bff03d50046f
-
SHA512
9523619f3c118e1ce97533cf3f187f292a3462f4b2810caa9a7653dd63073ee2fe6c84f3d1f3955705a21c111b4362431c08aded6703b0b484fd8685f5cb49eb
-
SSDEEP
393216:kmoVFh4rF0BtHpEsOehoty2EYSuYHrRyNsnBHpDAhknwV1J77IkD0d9cVA:kXFhm0LHpwec4HyNOHpDhnwVfWd9Z
Behavioral task
behavioral1
Sample
d528d5b1a22504b83d91bae233ab586a_JaffaCakes118.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
unicom_channel_resource.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral3
Sample
unicom_channel_resource.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
unicom_channel_resource.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral5
Sample
unicom_resource.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral6
Sample
unicom_resource.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral7
Sample
unicom_resource.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
Target
d528d5b1a22504b83d91bae233ab586a_JaffaCakes118
Score 7/10
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
Target
unicom_channel_resource.dat
-
Size
28KB
-
MD5
af566108ab40330c1c97f8c54fae3c83
-
SHA1
6754244194eeed6aa426105563797b93852d5406
-
SHA256
3e1b5149777df0b31e00c53e3d0a7bc7b8041299ff44ae28e14a843e3ba24c6c
-
SHA512
115c32bc47c49e94bd9ce28ed579ba461dfe29aa3b6fc869d1810b61de84eff399f53570fadad08dc95316b82446e3e4b696913db71edf4c133e62e323b8c359
-
SSDEEP
768:vgmYNoDKahCyhzLEXiFWAkEsDVop56mTCZbOnih:vCNCKafhf8gih
Score 1/10
-
Target
unicom_resource.dat
-
Size
110KB
-
MD5
31fbb28feeef6aecc7fd4c74374bb71b
-
SHA1
c3d83ea4e6f9e490efac6ca73db3ba314da1b6c5
-
SHA256
5d60f1abd1dd0ee3761dffcb27c36e6a538bf7e28f5c208e8d74d2394dc42b67
-
SHA512
e7e9563840836973153fba6f11c7d1a5b7066680d4f23194328b8ebae64924bc510d5a604adb62584824d5b6e528bd207a785f52be75395587d6a3341329a7b3
-
SSDEEP
1536:7amaCvrgOZgdG2az4LnyH25aU3/k27yluevqIJwzqvl2PSZ63:7jrgGSGIjM25a2/luAIJJFk
Score 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Hide Artifacts: 1
User Evasion: 1
Virtualization/Sandbox Evasion: 1
System Checks: 1