Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

de840bf8bf...18.apk

android-9-x86

8

de840bf8bf...18.apk

android-11-x64

1

YinShengPlugin.apk

android-9-x86

1

YinShengPlugin.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de840bf8bf34aca77062ab623b2e3028_JaffaCakes118

  • Size

    11.0MB

  • Sample

    240913-vd6g4syara

  • MD5

    de840bf8bf34aca77062ab623b2e3028

  • SHA1

    fc8c119040df097bd36fa92e547efb0ddb88c870

  • SHA256

    35d37aa360e9f88a720988f954bb1d8aa748bc6c9e8e34ed42cc73052336d991

  • SHA512

    6586c5deb8094b630eb32283db65909ff4e9ff8650af8b25c3211fbd6f445e37981c9224e3a7e5be96b46cda19fe20f8261fe06bbc6443e2debc05c72a47f7cd

  • SSDEEP

    196608:U2EdDOQoutjoFMlu7zO3pYcV0PoL3S3RSkIivA+3SGQ8tMxToV6UgutmZwPqYPeY:U2dCqz3en0PaNXiv/3W8m26UguIZwBeY

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      de840bf8bf34aca77062ab623b2e3028_JaffaCakes118

    • Size

      11.0MB

    • MD5

      de840bf8bf34aca77062ab623b2e3028

    • SHA1

      fc8c119040df097bd36fa92e547efb0ddb88c870

    • SHA256

      35d37aa360e9f88a720988f954bb1d8aa748bc6c9e8e34ed42cc73052336d991

    • SHA512

      6586c5deb8094b630eb32283db65909ff4e9ff8650af8b25c3211fbd6f445e37981c9224e3a7e5be96b46cda19fe20f8261fe06bbc6443e2debc05c72a47f7cd

    • SSDEEP

      196608:U2EdDOQoutjoFMlu7zO3pYcV0PoL3S3RSkIivA+3SGQ8tMxToV6UgutmZwPqYPeY:U2dCqz3en0PaNXiv/3W8m26UguIZwBeY

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery
    behavioral1behavioral2

    • Target

      YinShengPlugin.apk

    • Size

      2.6MB

    • MD5

      0ac9328e04546116189320ae8731f8f5

    • SHA1

      5d35ca19e148cb151b4d30eb8594ded59167f8eb

    • SHA256

      ffc96444d72aaf6f7ef9e1cf0b76e45049c5458322049d73c216237976163fb9

    • SHA512

      0461f14b0e31db1126ecb94f790017fa6f5b34b67cc766722251ce69bc6b2619d296d86c065a81aeceba867131eced3cde003c8d287a30e126870135e9f9eca9

    • SSDEEP

      49152:LQnvDGuKRdHUnx4KM1dZQAYRKZ6kF8/w+uUbg+LKbJjzaE27Ccw8:LQny1RZUnx4KMWAAKEkF4wQk+2djza7r

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks