Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

fe35ff228d...18.apk

android-9-x86

7

cast-receiver.apk

android-9-x86

dyload-booter.apk

android-9-x86

dyload-booter.apk

android-10-x64

dyload-booter.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe35ff228d50f455b03fbb4924835564_JaffaCakes118

  • Size

    21.4MB

  • Sample

    240929-k5brpszgna

  • MD5

    fe35ff228d50f455b03fbb4924835564

  • SHA1

    81aa3e27117bad986255c8dd31b77e74f33749fa

  • SHA256

    fee555490c45e1837c61c5aa5e2072165acadb28380144239d61d815965bd339

  • SHA512

    10769297c7fdc042a1f54c33c026b1317f6570b58c8a253ae0482b7e5d12fcc77ca254251abc94c3f72775f683df69e90a6b290e54b0193b0288136915f468b2

  • SSDEEP

    393216:prVovGPBysFljihfegblBuhLKNwMxtYhf4wYVh87lfX8Vd9zDA7yjpT1qukiOhZ:tVovGPBvji4gZBuhLKNwLf4w3729zDLe

Score
7/10
androidcollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      fe35ff228d50f455b03fbb4924835564_JaffaCakes118

    • Size

      21.4MB

    • MD5

      fe35ff228d50f455b03fbb4924835564

    • SHA1

      81aa3e27117bad986255c8dd31b77e74f33749fa

    • SHA256

      fee555490c45e1837c61c5aa5e2072165acadb28380144239d61d815965bd339

    • SHA512

      10769297c7fdc042a1f54c33c026b1317f6570b58c8a253ae0482b7e5d12fcc77ca254251abc94c3f72775f683df69e90a6b290e54b0193b0288136915f468b2

    • SSDEEP

      393216:prVovGPBysFljihfegblBuhLKNwMxtYhf4wYVh87lfX8Vd9zDA7yjpT1qukiOhZ:tVovGPBvji4gZBuhLKNwLf4w3729zDLe

    Score
    7/10
    collectiondiscoveryevasionpersistence

    • Checks Android system properties for emulator presence.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Requests dangerous framework permissions

    behavioral1

    • Target

      cast-receiver.apk

    • Size

      6.0MB

    • MD5

      52ab649e07a8d83f261e23e0b23e039d

    • SHA1

      bcb32e4e1f53574da568a4852a5abc543f322055

    • SHA256

      93a963112e3b7e4410e6e506391d8c93b77199f0d02ffc5e4156eab63c328d03

    • SHA512

      143f155a7536a1bdbd892c0f8b5d4d5d13b78deeebc38884c2d9d0710504c5e7d3d33249cb1635d269501e30658656b5156af2391b7d186360d268ce9f1eb1d2

    • SSDEEP

      98304:qT2ZRpXmb9EFuZCxeDt10L5rFvoLavAbbaAL0YmPqLd6x71W9WMzQOSyAMBnAU:FZRp+ugZ70NrFvofHGR1rTByBN

    Score
    1/10
    behavioral2

    • Target

      dyload-booter.apk

    • Size

      45KB

    • MD5

      5e4901689d55b5b39e3e5cbc37411024

    • SHA1

      e97dbd0011e12d7f487cdc3178322279deeb45cc

    • SHA256

      ef073ee7274f2fae923c9ff755833e13b98344c2b4348532af684e44f84e1207

    • SHA512

      701689d92b1c60c803f613e90f9441a5ec84b278240ac13ee47520246b6761124a00f581f2fcb1d0b43603cca65be6a873ab787ff168f8e1b7aecd827fd86271

    • SSDEEP

      768:1XGkO9eLt3KWtvzEEI0Jmb+gCvWtHqEOQKqvQS0JKRviCKP9r6fa6nW4qSvJg:w9eB3HANXb+2MVQhQS0JKRv89rOnLg

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks