Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

d625ab276f...18.apk

android-9-x86

7

d625ab276f...18.apk

android-10-x64

1

d625ab276f...18.apk

android-11-x64

1

Analysis

  • max time kernel
    41s
  • max time network
    137s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    09/09/2024, 10:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d625ab276f66723599624bd23930ce2b_JaffaCakes118.apk

  • Size

    3.8MB

  • MD5

    d625ab276f66723599624bd23930ce2b

  • SHA1

    eeb2fd3551b3e7e696df98c5c193063cdfe6a838

  • SHA256

    12df3ca2aad84471601dd59e0e08fcd8ba8f551873e318902fe59c8802ff76ab

  • SHA512

    b5f7c8527c14416635d8e6a8ddd4e1b81d64a7535595c134f8edafa8c820f0d726e3a1af6933c4df314b4e55906167a3bed82acdb482801379d73f6f224f7308

  • SSDEEP

    98304:2hytlOiYi9TUTzVfGCJauOaSQyYwBg+Tp9xdJ9lv9mJIPBg/4soK:2hyzOiYi1UTzVfGCJauO9/g+TpndWKkR

Score
7/10
discoveryevasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • wsm.wifimousefree
    1⤵
    • Loads dropped Dex/Jar
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4256
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/wsm.wifimousefree/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/wsm.wifimousefree/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4284
    • sh -c ps -ef
      2⤵
        PID:4351
      • ps -ef
        2⤵
          PID:4351

      Network

      MITRE ATT&CK Mobile v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/data/wsm.wifimousefree/.jiagu/classes.dex
        Filesize

        874KB

        MD5

        e5054916f330ec6fc6ec004e33729fab

        SHA1

        8c4aae0830664f8bd0fa1a872254043dcc4fe076

        SHA256

        62a54a9f41fe1a20b2f2e719916cd4e8fdcf4e001558c6b31283fec64b3e889c

        SHA512

        37bd3ae49a064aa084611ed23e6d14bc679ea2efd50e237edcd9eb3d3e59021df6a03a1bbab8a6a2bfaed66208433edd36b38a92bc56a2c57fdb37c6b7ea120c

        Download Submit

      • /data/data/wsm.wifimousefree/.jiagu/libjiagu.so
        Filesize

        477KB

        MD5

        39d77dcad8e2a44dd7226f442b3a6c92

        SHA1

        6560fa96c6b5a038abaeee5f139a16e46088d9d7

        SHA256

        99cba035cae818dbdef989e70e738463798528b8ca52dbf38d2b8a72152680c0

        SHA512

        7ddfc6c05839160813e58e8f8c50d2dcda7e7b5e7f1d27cffb802ee91de4bb664bc5c257137d39152ed6e8cad0d3c1b067bf8aeb7e53f884893887b54480a5e5

        Download Submit

      • /data/data/wsm.wifimousefree/.jiagu/tmp.dex
        Filesize

        284B

        MD5

        f1771b68f5f9b168b79ff59ae2daabe4

        SHA1

        0df6a835559f5c99670214a12700e7d8c28e5a42

        SHA256

        9f8898ce35a47aeafced99ea0d17c33e73037bb2307c7688e50819966f4ae939

        SHA512

        dae27d19727b89bec49398503baa6801640540355688dfabbe689c97545295c2c2d9b0f0dcd7cbc4cfbf701d0c0c3289e647a152f49ff242d1ecc741efe4145d

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.ac
        Filesize

        32B

        MD5

        45b23a630026c9e5eb9dc631a5a75e1e

        SHA1

        74550f62fed51d790b86f0733d46aaf432d62a04

        SHA256

        82dcd72f70e1b754286c54bc5bdb755906995d8cbec7028102750ea62f8338c6

        SHA512

        059b233c35dec868fa96491013db560411f6d6f1c41b93c59f917a9e8c27517f57f7e9e2e94051e3579f45cdecfb937a2de91d9c91a575b72bdbae7eafe207b0

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.ic
        Filesize

        32B

        MD5

        0ae57eed4918ca4ac22fee3802959def

        SHA1

        eaf04c01f3223e44e0e8e7fbdaaeeac1b589a6b3

        SHA256

        624b9a76f417a71c9e7aacc5f7834abfade72b1c48ee652c507be150e058ad91

        SHA512

        ee8cb8a2e7f0d933a5e781689c8cc20ac58ebd31063bcc59fc63234195ee2f4d58af1194f687a415318a65f67a5fcbc2de3b101443239749924ac4685ea729cd

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.pk
        Filesize

        32B

        MD5

        50913a2b5a3cce4ef97ff3f100cc30c4

        SHA1

        6c66fcb97e52fe36f9f26813bd63812ee411f8df

        SHA256

        df2f4ca7e6ef1912e968da6b8e7bd38d9ab8c2a6b635f784ae44dab64ff90a83

        SHA512

        5bd8455007f9d5fe642c078f48d7697753af25953838c64c765d7a9f4b99b865b1a4983bce859e3544c82474cddff0113156155e168d8aa396b5b818abecf879

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.pk.h
        Filesize

        64B

        MD5

        4c30ed31cd1067ccfb18e3d39e35409d

        SHA1

        298c52a7286ef9be7c450c761c57448229a319dc

        SHA256

        0b71204097f55a959a08578dfc283e54b2eb0a7550f6913634409b86ad713bcb

        SHA512

        7a76eda8c040478213a4fee3aab3e66e5f58d59a5c6ec63b8a100b91072005028a5fc96cc2885dd94a4bf9c37e3d4ef7c558f42aa9f3016a2b3936f6f97a28ac

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.rd
        Filesize

        73B

        MD5

        06ee80568b79fcac3f48b10269c03e59

        SHA1

        fa10ab5b79fd6469801406ecc5047a9934ff0100

        SHA256

        939efb811d0e8cda12b7d639062f306d44b777735ea3385fc2fc9b17c7efa1af

        SHA512

        7fe2059331a92fb260ed4b013773ecd6ce2f03faeee06e06ab6099afd11c212382d33a5e242b1a1c4f1677d4c31b1cd7a1025383f38abf87a289c4e3f4c094cf

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.ri
        Filesize

        307B

        MD5

        9cc97f0b2c7490335b7a1afedb5c008f

        SHA1

        581660be7d9d859aa6120d97964bbdbd321efdcc

        SHA256

        b1e7c39772041182dc8ca4acade96941fd12237288a1e101796c8b068e314447

        SHA512

        5ab779cbafde9d981ce0bb28b1404ef3e87766fdf193c99653a76eae702a78824b5366165d5c4a986f4ffe2fe18ebf7da7a5a6840c42f2d42fe1c9e72b66c569

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.ri
        Filesize

        314B

        MD5

        cd116618bbb774846f3c4da652522103

        SHA1

        e757e3c8cd7b0876cce62bd4236a6fbd1dbac8de

        SHA256

        47f8ab6b8ab7e2c8d4f47717f56aa6be42185914bff0fa089b0ee26a587546da

        SHA512

        a6a1e05c8cbaf5c3c918b62431c7699ec7ef85b6beb6a47636ea91662bcd57a705b2fb384d75eddb57805a02d375f53ff5d79d59219d37d4e4d3bf2790f20f9c

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.store.report_pid
        Filesize

        32B

        MD5

        62f9d35bd99a1cac562102e7ea21eacb

        SHA1

        322e103a5543dc4636434ce5723598a2c568802d

        SHA256

        c427cb1db1405f104b0a94b9bf372e35ce723f86763e3e8d8ed0ec2b25407361

        SHA512

        183e23d96f34596b9d271aafa4e1fbd878c12f94b27cce52167c48da4adcc06d2df1b196d311a0a0f3bb2bae1897f0a7aa2691d99a96aba9a09c78176138918c

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jglogs/.jg.store.report_pid
        Filesize

        54B

        MD5

        27b0d788ae95ae9ea8c18b69530c24a7

        SHA1

        180f6597abaa3b8d58f69617da60ad6de9e4992f

        SHA256

        3b2a93d66c7f587c5dbc5e387e76cb85d004511a67476ae2e4b720d07c0038bd

        SHA512

        6a250899781500d7fe832e03a611e69df90571639f558541882af12fdeb7744a994e8e63183d63a8bbb52ffebf353bc2c86fd0ce3cc49627cf1f947832e5a6d7

        Download Submit

      • /data/data/wsm.wifimousefree/files/.jiagu.lock
        Filesize

        27B

        MD5

        fe733286340bd4b1f18fff36f35ef9ca

        SHA1

        407f606916bc9c18e5d11b94560e50a60a22b99a

        SHA256

        89a7aa3e621bfb2b05972ed54030fa809b59a899349704af2a3d031b10e75156

        SHA512

        9241e378669474d621f3de22103697ebbb4ab76d01e18381521502421ec78e04a225f5620cf18da922dcb4a822b92e7dae4b560ad70a842844ab3f4fd44fb10f

        Download Submit