General
-
Target
daa3928804d44274b39ab59a0cfc27ff_JaffaCakes118
-
Size
4.3MB
-
Sample
240911-sqpc9axfkm
-
MD5
daa3928804d44274b39ab59a0cfc27ff
-
SHA1
c0debf305aa2e23316f4ab7c2417e8648f278efe
-
SHA256
ac4db404f91cf289fb01be4fc3585414b013a5f8313639306a48c9096ea963e8
-
SHA512
4decb4a3ef995cd3e84767c0fdfb84912e1d9634a5e6ffa539928cad407951fe75a0594eb96b02fddef8dac4f291431e2e292b631d1e94e5bdbac7013d630f07
-
SSDEEP
98304:qYWeoZRiyP9GEQrwM9yi0XN4+VO4GGjXmsbfD/+A8Dy1ZU:qv1ZRTPJQrw7i02+VOEjWyfCibU
Static task
static1
Behavioral task
behavioral1
Sample
daa3928804d44274b39ab59a0cfc27ff_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
alipay_preset.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
huafubao.apk
Resource
android-x86-arm-20240624-en
Malware Config
Targets
-
-
Target
daa3928804d44274b39ab59a0cfc27ff_JaffaCakes118
Score
7/10
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
alipay_preset.apk
-
Size
350KB
-
MD5
b1305a5e4779e06a6c654258b02dfb15
-
SHA1
f9e387482bc9649fba2aaf04ba6ae02334651223
-
SHA256
258c17f04df6697fccf9ae1479f35543bd4a4081edda48a1ea2c37bc1b870e6a
-
SHA512
9a3f94b5d38dfa8f7e6b24c0dde0b940e48a757e8634754f3c37050d826e620dfc1838c783d99e94f97b08dd7474d7b619a22d037d414300c3874476fdc90cfd
-
SSDEEP
6144:5FeKnPt0/sEGId2fuRmlxLwEd0r2FfS4QlV7G8v9oKvFuQL2bBV2fnayx5:5FeKFFEGc2ymsMa4QlV7G8Ge62fnayv
Score
7/10
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
-
-
Target
huafubao.apk
-
Size
289KB
-
MD5
f85cf7fa8b498c833a7432ec70aeb7ac
-
SHA1
30a89809790ad7ee687e374e6543f32ecb74c856
-
SHA256
fbe72488ac9f404838175fb6eaf0212828ccda19f27f9a9f75f89ac4d753d466
-
SHA512
11ef42f2bcbf5ff4429d72ab33f3e723002be330e797226f50b822d88be55078ca32b59099514919d3d36229947f5733b0aea3c08589d793de149afb762faeb5
-
SSDEEP
6144:TbnpAKB42qBBaQWl8FjjKHG66ufzxD+CzygMT:OKBeBaQM8ZR69h+tV
Score
6/10
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Execution Guardrails (1)
Geofencing (1)
Foreground Persistence (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)