Analysis
- max time kernel: 149s
- max time network: 156s
- platform: android_x86
- resource: android-x86-arm-20240624-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
- submitted: 08/09/2024, 11:07
Static task: static1
Behavioral task: behavioral1
Sample: d437ca7bb5c0a672841dfda652358a61_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
General
- Target: d437ca7bb5c0a672841dfda652358a61_JaffaCakes118.apk
- Size: 20.9MB
- MD5: d437ca7bb5c0a672841dfda652358a61
- SHA1: 2fe085d60d90800a19da969d809d6ca6163e080f
- SHA256: ebbdad9b802cb87e34151f148d3ea98ca272c062b9709b7d5070d4606b6d3bfd
- SHA512: b4fccc06c482cb397e97b76cd763dbc96f1e92673206cdd67cc082732164b467578b84934ef6443a19412af6d70cb7981aa67905447e5e730172c3d666dab62b
- SSDEEP: 393216:3918yAExD+jqiQLC2G8FbWE9xwPVjZ+mS0axUdaIcz3iBjcC/85UT0Rm:38yPKeYJ6v9yPVF+mSEdRw3ixcAHYRm
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps): 1 TTPs
- Queries information about running processes on the device: 1 TTPs, 3 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.inpress.android.resource |
  | Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.inpress.android.resource:pushservice |
  | Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.inpress.android.resource:remote |
- Queries information about the current nearby Wi-Fi networks: 1 TTPs, 2 IoCs
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.net.wifi.IWifiManager.getScanResults | com.inpress.android.resource |
  | Framework service call | android.net.wifi.IWifiManager.getScanResults | com.inpress.android.resource:remote |
- Requests cell location: 2 TTPs, 2 IoCs
  Uses Android APIs to get current cell location.
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.inpress.android.resource |
  | Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | com.inpress.android.resource:remote |
- Acquires the wake lock: 1 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.os.IPowerManager.acquireWakeLock | com.inpress.android.resource:pushservice |
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org: 1 IoCs
  | flow | ioc |
  | --- | --- |
  | 12 | alog.umeng.com |
- Queries information about active data network: 1 TTPs, 3 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.inpress.android.resource:remote |
  | Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.inpress.android.resource |
  | Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.inpress.android.resource:pushservice |
- Queries information about the current Wi-Fi connection: 1 TTPs, 3 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.inpress.android.resource |
  | Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.inpress.android.resource:pushservice |
  | Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.inpress.android.resource:remote |
- Reads information about phone network operator: 1 TTPs
- Listens for changes in the sensor environment (might be used to detect emulation): 1 TTPs, 1 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework API call | android.hardware.SensorManager.registerListener | com.inpress.android.resource:remote |
- Registers a broadcast receiver at runtime (usually for listening for system events): 1 TTPs, 3 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework service call | android.app.IActivityManager.registerReceiver | com.inpress.android.resource |
  | Framework service call | android.app.IActivityManager.registerReceiver | com.inpress.android.resource:pushservice |
  | Framework service call | android.app.IActivityManager.registerReceiver | com.inpress.android.resource:remote |
- Uses Crypto APIs (Might try to encrypt user data): 1 TTPs, 3 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | Framework API call | javax.crypto.Cipher.doFinal | com.inpress.android.resource |
  | Framework API call | javax.crypto.Cipher.doFinal | com.inpress.android.resource:pushservice |
  | Framework API call | javax.crypto.Cipher.doFinal | com.inpress.android.resource:remote |
- Checks CPU information: 2 TTPs, 1 IoCs
  | description | ioc | Process |
  | --- | --- | --- |
  | File opened for read | /proc/cpuinfo | com.inpress.android.resource |
Processes
- com.inpress.android.resource (PID: 4254)
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Requests cell location
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
  - Checks CPU information
- com.inpress.android.resource:pushservice (PID: 4312)
  - Queries information about running processes on the device
  - Acquires the wake lock
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
- com.inpress.android.resource:remote (PID: 4362)
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Requests cell location
  - Queries information about active data network
  - Queries information about the current Wi-Fi connection
  - Listens for changes in the sensor environment (might be used to detect emulation)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
- Execution Guardrails: 1
  - Geofencing: 1
- Hide Artifacts: 1
  - User Evasion: 1
- Virtualization/Sandbox Evasion: 1
  - System Checks: 1
Downloads