General

  • Target

    fb26f92a55f408c811952d0d9689e128_JaffaCakes118

  • Size

    567KB

  • Sample

    240928-ahfr2awhpp

  • MD5

    fb26f92a55f408c811952d0d9689e128

  • SHA1

    a7328ac491c52ab1873c42501e489eaf0585291e

  • SHA256

    f359c2da3ee10aaccc5aee82fc8a244df7d0c73d8c7d182cd894e62076bb884b

  • SHA512

    d83e3e52c35889a50d07c0dc5f7e107cd07f93ac8d4f1f067809d39d9f6a16614713a3d0401e8c8882ec7bb10ced9ebd2fc3e33a27ac6d90db6736e977dd3273

  • SSDEEP

    12288:xpepof2E9lCLyl7tUZ4+9Wojd+QttHedsXa/csxvNX8/pB0LzhMALx3:xpepiCGlmswIQ0USN8/pBAVMAx3

Malware Config

Targets

    • Target

      fb26f92a55f408c811952d0d9689e128_JaffaCakes118

    • Removes its main activity from the application launcher

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks