Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

ead17cd039...18.apk

android-9-x86

7

ead17cd039...18.apk

android-10-x64

7

ead17cd039...18.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    19/09/2024, 07:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ead17cd0397afa3913d88ba1d32488f2_JaffaCakes118.apk

  • Size

    5.1MB

  • MD5

    ead17cd0397afa3913d88ba1d32488f2

  • SHA1

    bd7794c1ee9c9ff6f516f2140a38d7f598db9486

  • SHA256

    11f447443530b52f63c6c372d51e50cbedc549b75d26ce4bf8d6b2c51e8e0fe2

  • SHA512

    61cf1394e0592fde5a9949a9107cb9f86107795879ce4bf2d60c1bdc06228ca80abdb9b61730e16d01c302b945fc8ec5f1457c14aa8a0679cba6aa1f4ac24a98

  • SSDEEP

    98304:qVCqcWJn4QtJ/9m8pBzu3gCVYpWazc3GsHGX/7h7/d3bvULXyWPsajXik8k+:q7yeV9C3NVYtQJC1BYm1C6k+

Score
7/10
bankerdiscoveryimpact

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Acquires the wake lock 1 IoCs
  • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org 1 IoCs
  • Queries information about active data network 1 TTPs 2 IoCs
    discovery
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
    impact
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • com.caiqiu.yibo
    1⤵
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    PID:4505
  • com.caiqiu.yibo:pushservice
    1⤵
    • Acquires the wake lock
    • Queries information about active data network
    PID:4571

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db
    Filesize

    36KB

    MD5

    86752a4be6564d8370f2f0e403995003

    SHA1

    29f7d50675f6e59f3b808eb6dcc8619384412115

    SHA256

    50484dcdc6b9c2801773018386a8143a52a5153eb2eeeaf5be8bbe46a49ca90c

    SHA512

    79c9435c1e0d41a3f97784be3e5a3cd8c0bd2d32ecdf326808bacb00c76d876d0447617d6e72ef04cd4b996c92eda4eb7bb200987ae7928ce2e0e7c8e807a5ec

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db
    Filesize

    36KB

    MD5

    0d297837be385de14a6a459dc06c4cef

    SHA1

    f74c32c8a85368e4a97dc32e1978559bc356146f

    SHA256

    c5c727615ffe3e81577f52aff6a87e8602e042c2528fa109f72059124773e801

    SHA512

    1670b48c770c6ce25c28ef381b7a32c740bdd9f9ea5b44512af720a721fdecccf540e44b1a78be4171e4d251a2fc82d40f75416ebaa4c22f889b45f5565932f3

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    7a76c7af9222908b75ce7e9b517e3631

    SHA1

    6ec6d1869c705a28ccee304b958f2e1308962f4f

    SHA256

    54efe8ff6f3798f75e450f59db0a17eecb20116486a4497aecd505c3ab2f299e

    SHA512

    ded28021bfe8ac914ad5994fa504f85243c896ff2750e91698387603118d31dea21dea0caf1984fe5b9bb4aaee2f419a3b5a159521e9811ffd79b7fb677b3506

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    12KB

    MD5

    18ae2374bc45846ad5957b2fe73fef7b

    SHA1

    ab9f9860f852ddecc6dcf34606e87a3e3f4c67fe

    SHA256

    60ae60bcbf2170e99af28334536d49cd1c04b3872480ec75481a03dfef14dd35

    SHA512

    c9681912a36e7b3570b31ae649c5b7a34d92f0295dd9e994ea6de01e6bdc36ce4cf130d6e7abb32485443b8a9e62a54cc4525febe5206362e4b6fad88d710f4c

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    60df6a241a416da16f4d9484d2c8d1d9

    SHA1

    c72bde5e06a8c05c75b853a5297ef58143e3eacb

    SHA256

    20ffa3853e420eab046bf689a30eb94f8491885b659530cbc935d9853fdc670b

    SHA512

    4a6217eca2b03627ad8b9ce64e3375836127d9510a945d7070692109b8f40fd79c9e542e4ad64c396b63f2da8fb263a82ca275a6bddf12fafac43e2ca665c695

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    80a5b58a55dfd7684e56d0fe18b8c449

    SHA1

    e07d32cf29d3a121ca3a2b33853a1c297e8e10fc

    SHA256

    dbce911ae0eb29f94d2ee5d64446aad91905b5e158abfba9f7e64fdb1366bb74

    SHA512

    a3dc796ad2b761a5da3c04b850594417a633c445013de9c177035cfdca1d569908bb1e48bbde3f212f36b8c142900bb19fde76942369ed5085cad45599a3bdbd

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    75b959b9cb2952300ae7429ce652b21e

    SHA1

    5879d79365e55b2cd7a5f2c93f46df05976a99cc

    SHA256

    595bb57df6d7ae7ee85d51efff7c7296b3f986908057194b1925c8c5fcc0a1ef

    SHA512

    1acbeafed1d8be9d16506156be6b4e3c416e297a9868f21d5c56fd404224260ad4cc611eef64edac7fd1476b9912dad996867cb0d7dae747d868eb72aa0e9ae4

    Download Submit

  • /data/data/com.caiqiu.yibo/databases/cc/cc.db-journal
    Filesize

    8KB

    MD5

    ff9ba40bf4079b447b4119c1ce583340

    SHA1

    22644d11aaa7cdeb7d07095df0d757746c765f95

    SHA256

    a743f953c88c00fbbe8815c860b689e5eaa6767947383325cb18f7a3c71e7fe4

    SHA512

    9baa9a67c5026f41984265b89ad891902f31f7b65c0591a509827ed877b2a584715111575376675197f30ba234ac55f70915e735ab122949217caf3856d7007b

    Download Submit

  • /data/user/0/com.caiqiu.yibo/cache/uil-images/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit

  • /data/user/0/com.caiqiu.yibo/databases/pushsdk.db
    Filesize

    44KB

    MD5

    b088ab7e65631c9254819bef62c272af

    SHA1

    4c73aa47ee594ef97739a19cff607ee734cc73a8

    SHA256

    d64e85c1a30b39d095d51ec3bc76339cee4596a73257c2b66c15a7ec3dc77cea

    SHA512

    6e9f6e7105834370c7a166004e52cb1dfbf30b7da164bc8a6f06a4f72b88160ca75254678013c7e01f054156c477530daff62b59ebb66e21a2d3a5b0b010d02d

    Download Submit

  • /data/user/0/com.caiqiu.yibo/databases/pushsdk.db-journal
    Filesize

    8KB

    MD5

    462702ab16744ac8175c4cf9b592d595

    SHA1

    1b2e48b8a38000191474d0d6774828f51ceeb11a

    SHA256

    2be4cd5c1cd0a496b1a6e4caac0ecda3b25aaa95593f155ff8d6c46b5acc2091

    SHA512

    90e1b521170a3d83fc3691bbac782a0959972e6dfb4aeccbca4bb62e6e6a64d38f846f993bab1732b02e1a23aac939ef4a1c31ee1ecf351fd25fe2c1b66eafd0

    Download Submit

  • /data/user/0/com.caiqiu.yibo/databases/pushsdk.db-journal
    Filesize

    12KB

    MD5

    f7863a8ac62130da6c47fc22c24e99ac

    SHA1

    3ff2f351c6439ca5843e262e7cac8c8850104195

    SHA256

    780db3562b28904ceb3c6e7d3489dcd39d2aae6f708b55bc0eb719ee80ecf66a

    SHA512

    7418e27a0058181c9c534e84bc9e7d9ab93c4dab0b4cd00bf2f84dd5e30cfea879d35a9888b4b7dcd1d4e80808e98475270f59d355dd9e8a4e3e22ae4512dc38

    Download Submit

  • /data/user/0/com.caiqiu.yibo/files/.um/um_cache_1726729759529.env
    Filesize

    1KB

    MD5

    e9aaa07ea4680148b4b7f25d20219512

    SHA1

    edee0b52848bb257ba5c05b7bf5201f327c4428b

    SHA256

    b7c2733990f44dc79a76b18917e40b31aae3194c3b65220c4ebfddc6c8cbbcc7

    SHA512

    3653ac02bd7b7236ec40b2eafdc5e89051709774e0ddeac98d265521b198637668b68e7cb81d2005d622689f8b892c99e68aa3a345881351c71c362c90bfc74f

    Download Submit