General
-
Target
d5e1f3ff3bdc1694db89c16fa5a99248_JaffaCakes118
-
Size
11.0MB
-
Sample
240909-jfv9daxdqr
-
MD5
d5e1f3ff3bdc1694db89c16fa5a99248
-
SHA1
a162a1c4c3aed92b35f22147a6e5bbf5f62a01fd
-
SHA256
1509ce10b3640a4996571a12770c244653d66202ba7c614571ee4aeeb1ca946f
-
SHA512
276039f07949fdb52ebcf86e5aa97674b4b5d6e91995838779971d285a90dbe4bab2e6bb843de85c2b233d8f9e85fbfbfc806a29473b398fedc8d70d95a63f15
-
SSDEEP
196608:uifshTxmAu3/qaQRKv90wQAzyF5hfYTr8my3LR4AWmLmN4iMIA+yR1neJL7oBrIh:uXhTnu3CUv+w1z6x08d3LRtq+iWR18Ll
Static task
static1
Behavioral task
behavioral1
Sample
d5e1f3ff3bdc1694db89c16fa5a99248_JaffaCakes118.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
d5e1f3ff3bdc1694db89c16fa5a99248_JaffaCakes118.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
Target
d5e1f3ff3bdc1694db89c16fa5a99248_JaffaCakes118
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Download New Code at Runtime (1)
Execution Guardrails (1)
Geofencing (1)
Foreground Persistence (1)
Hide Artifacts (1)
User Evasion (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)