Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

de49239e19...18.apk

android-9-x86

7

de49239e19...18.apk

android-10-x64

7

de49239e19...18.apk

android-11-x64

7

Analysis

  • max time kernel
    61s
  • max time network
    150s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
  • submitted
    13/09/2024, 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de49239e19d97043dce57d7c4e5cca51_JaffaCakes118.apk

  • Size

    91KB

  • MD5

    de49239e19d97043dce57d7c4e5cca51

  • SHA1

    a124633dc43a56ebd0b545652a2b202bde32313d

  • SHA256

    1d91ecfc3e8c075e3f76098184b615e816010fc33d15c18730355b1e858d9544

  • SHA512

    b665d77721d8ed59bb3eebc540ad691e1c01b71c8efc07f1c536b69b7e939d7190c039a9ec4d6d654adffe8b03f70aa9fcbdcd28f1cd1fd805464fbe828e9bc7

  • SSDEEP

    1536:0+APJsFsfBxZegM77K/qX5JsSuvOpAGmrOPB13d05l3dDJnAaR+cdo9WYQo0Wc:sPGUpkPusAmPBZa5l3AtcdPo0D

Score
7/10
evasionpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Acquires the wake lock 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.example.yclient
    1⤵
    • Loads dropped Dex/Jar
    • Acquires the wake lock
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4315
    • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.example.yclient/app_sim_index/appmgr.jar --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/com.example.yclient/app_sim_index/oat/x86/appmgr.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4344

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.example.yclient/app_TYPE_JAR/tencent.jar
    Filesize

    49KB

    MD5

    aea7593768fda53588a0d2fe50a01b72

    SHA1

    39d60950aa9ce55646feeb5c31f3fad6679fc3a4

    SHA256

    6edb818bc4e1070c9c91546540a6c39acb83a3ea40b4e7e0d36aaef692391471

    SHA512

    c5315d5c42526f20f00d4f8f89ff3bb74f1f6f0aabb894b1c93b2d5e2b2dff932534ec5396c96e1cf6880f5557acdd0f1a94c5a0e4ab98dde6468aff872d611c

    Download Submit

  • /data/data/com.example.yclient/app_sim_index/appmgr.jar
    Filesize

    49KB

    MD5

    9bdebf35b1fbad5e4eafef9c1666ec0a

    SHA1

    0ab1157124f668e073350d5b498393f88e1e4172

    SHA256

    200917eb46c09227b0cffb57b2f8aebfdab1c1401b84668d32f434bf2cf2e744

    SHA512

    153cbd2d2cc2fa28191ae2e4de52862551836b7853f916bc4a0641f612e58a971e095fcd1c2b8ecb9ac97589ac0a3770d544174c0da4a8534453291ba44b8855

    Download Submit

  • /data/data/com.example.yclient/app_sim_index/oat/appmgr.jar.cur.prof
    Filesize

    163B

    MD5

    860ef5952d526051086a75f3caca01a5

    SHA1

    01434f5ae381539933f95e7beb8deb607af25ab8

    SHA256

    d4ba931716cbac790f1d0330efe073927eba2340b662cb4f14dfc50dfccf3a8c

    SHA512

    3443d5b889045746a0672472f56876ebda499a7b99b87348e45f321dd78ba5de9e255f4bd31e203c0a6331eac60057afe9288ee2f2e67a7c6bcd78eb2a367907

    Download Submit

  • /data/data/com.example.yclient/service/smsrpt.i
    Filesize

    245B

    MD5

    8ddc2fbdd33be024b9d9f55a31745081

    SHA1

    2829d7f60e2d081301190e135db99227c9a326b5

    SHA256

    c57fd3f9458036c2b26edb96d51b5c7a5feb1e1413c06a9f891cc1d3156458d4

    SHA512

    363dab521044ddfb4847ed5ae62cdbca291653d8f44fc8cc058cd3dc02c2229216f6371811997de4842b11cc8dde58999ef5adf6da7e2a7635bb6e3c8a1699c4

    Download Submit

  • /data/user/0/com.example.yclient/app_sim_index/appmgr.jar
    Filesize

    101KB

    MD5

    22d6605a6523acaa8fb797c7adfedabb

    SHA1

    4d4938b78fb65771f8e79fb4d014a4d2fcbda805

    SHA256

    86a2be063818643b1455b6e203f9fc92d431e0c659494f95702536cb846965a0

    SHA512

    c8b40f861fddc0043024c02a30949ce6d8b1fa526222ffec27dcf98d2fc13395b9dd1214e8c16b0520e6e272484bd2b53eaba5ce0634930212e62f12f351b760

    Download Submit