Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    eabf525ff873890e4c4e8f319c155088_JaffaCakes118

  • Size

    28.5MB

  • Sample

    240919-g3dazavemr

  • MD5

    eabf525ff873890e4c4e8f319c155088

  • SHA1

    3dd728b4622fb2b2fb0fb4315830d3367317e6e2

  • SHA256

    5fbb2af045f67e48a9587701b636787423e596a4b4442306acc505f92000afdb

  • SHA512

    7a6e7ede2523c48f46eef769675b96806f246ec52bc847a94f69736c92e5526797186429c0c9e4764c751483a04495d60f33f79c4ae3e8cf15361a9c547bd192

  • SSDEEP

    786432:CLqHg2qXmuJmWqSzyoxZ80SiqMK2NgJllKxVhSlb3PRZ/In:EqxqmuJmEdxDT4v/G

Malware Config

Targets

    • Target

      eabf525ff873890e4c4e8f319c155088_JaffaCakes118

    • Size

      28.5MB

    • MD5

      eabf525ff873890e4c4e8f319c155088

    • SHA1

      3dd728b4622fb2b2fb0fb4315830d3367317e6e2

    • SHA256

      5fbb2af045f67e48a9587701b636787423e596a4b4442306acc505f92000afdb

    • SHA512

      7a6e7ede2523c48f46eef769675b96806f246ec52bc847a94f69736c92e5526797186429c0c9e4764c751483a04495d60f33f79c4ae3e8cf15361a9c547bd192

    • SSDEEP

      786432:CLqHg2qXmuJmWqSzyoxZ80SiqMK2NgJllKxVhSlb3PRZ/In:EqxqmuJmEdxDT4v/G

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks