General

  • Target

    dfbc71240bad96780b4cfb45fceaae74_JaffaCakes118

  • Size

    13.4MB

  • Sample

    240914-h9lflashpg

  • MD5

    dfbc71240bad96780b4cfb45fceaae74

  • SHA1

    8131ce4f61552f7c2bc5eaa73b90015f2eab225a

  • SHA256

    4b8895c2faa57c4b3e806bda8237009176e2c15658c5d34116d248c9f535255e

  • SHA512

    5f26244a49e60426d877fca7fe52645c9d526614437efefac37a231c1952a0fedafd5e8f0e83d006b54fd08c690efcaa483acd62ea4705248155c92f98d8a236

  • SSDEEP

    393216:PJPRIAJFeQevaZVNswbzjwExXR2eMAumNP7F:PJWAHZzDzRxM1mNjF

Targets

    • Target

      dfbc71240bad96780b4cfb45fceaae74_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
