General

  • Target

    fa5c8a8999b1152146817779d6565054_JaffaCakes118

  • Size

    30.8MB

  • Sample

    240927-n4vpzatepc

  • MD5

    fa5c8a8999b1152146817779d6565054

  • SHA1

    48180767b76020f6821e8b9846213bcf14e6d275

  • SHA256

    ccec8fef747a2d395bc660f607232a5a282b64ddf05a996495677029a432955f

  • SHA512

    4a226186e05e67a237b4071d5f769d75d40b238ab25a77c99f50206e873a07e235445365560d77a6562a34cbc833ee3274092b86eae484eb1ff5902330a29618

  • SSDEEP

    786432:GE2jDwLHPyh7Y8yFxdosPL4ff8ZU+czy5U22DpMkQixUoaBX4b2No:i+vIY8mdoOLEgUlfWkQMUplNo

Malware Config

Targets

    • Target

      fa5c8a8999b1152146817779d6565054_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks