General

  • Target

    e0e740f71dfc63a0e65f10400598a275_JaffaCakes118

  • Size

    13.5MB

  • Sample

    240914-ye4xfsseld

  • MD5

    e0e740f71dfc63a0e65f10400598a275

  • SHA1

    146eeab16baa2806bb36ed893dca7dd55dcff94f

  • SHA256

    353f16226afa703249ab493c597ba81c31b2c6329433f2dbf786bbe51eb4188c

  • SHA512

    6887ca2662f074adbc1bbe0f8864f6c88adfe4939026ed83dbf7794cf6dab24fdcfb3870006bbbc6652a90fdda84ddb633f391c77a01aef645e630c1cfddc6b1

  • SSDEEP

    393216:gdGvJwi0xQjzdD+g/+ulN+43THNc/6Mldzqe:QbrWNKg2Qj7NyvPzqe

Targets

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
