General

  • Target

    ea645c27a1c7f7d550dec9432f115232_JaffaCakes118

  • Size

    7.2MB

  • Sample

    240919-ch6dssvhkm

  • MD5

    ea645c27a1c7f7d550dec9432f115232

  • SHA1

    427718902016a3c9df577dab87817d6e13cd3050

  • SHA256

    1b5dbc8d5f8315dcd2c22f94b49d5ac0ecc388785eb2fccfcbe58253dd5c696a

  • SHA512

    d5595803ea14d247170009462c7bd6a634649c6261d50501b962c2a52e36a96f3a6008f320a36c4299700e47403006399855e7f39120f7abf0ddec893c26d767

  • SSDEEP

    196608:E3w4tg1TNIr+7q+uPfQr0PRnYpeLGqHc24j43NiZ0IE7R8:EAIg1d76P9SeUj4XIGq

Targets

    • Target

      ea645c27a1c7f7d550dec9432f115232_JaffaCakes118

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
