Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
055b0eb9d03985ffcacee25e9e5c222a_JaffaCakes118
-
Size
5.9MB
-
Sample
241001-lyzqmatbpm
-
MD5
055b0eb9d03985ffcacee25e9e5c222a
-
SHA1
f1fcc13baf252798712897879ffa97bd871c5270
-
SHA256
efa30468c14f7c1b29f99169fe59e1db4a17cf1491d5ed8905a3c6bf98c2339d
-
SHA512
fe90e2f90e5be1260fabfb3784b70922cb89d218498b95305ba9220ce44da0d0268b0f769de5e69b4e23cd49d14f4544dcd2b6529586106f820ed63b0d484f87
-
SSDEEP
98304:UFIwLRriuuU651UVH5rL8ylCYCQDA9xwWiH00Nvm9SP1xgeWeYJ+Crlcxrpvg:eIuRriC65Ct5rLPxCQDnP4StSeWZruxy
Malware Config
Targets
-
-
Target
055b0eb9d03985ffcacee25e9e5c222a_JaffaCakes118
-
Size
5.9MB
-
MD5
055b0eb9d03985ffcacee25e9e5c222a
-
SHA1
f1fcc13baf252798712897879ffa97bd871c5270
-
SHA256
efa30468c14f7c1b29f99169fe59e1db4a17cf1491d5ed8905a3c6bf98c2339d
-
SHA512
fe90e2f90e5be1260fabfb3784b70922cb89d218498b95305ba9220ce44da0d0268b0f769de5e69b4e23cd49d14f4544dcd2b6529586106f820ed63b0d484f87
-
SSDEEP
98304:UFIwLRriuuU651UVH5rL8ylCYCQDA9xwWiH00Nvm9SP1xgeWeYJ+Crlcxrpvg:eIuRriC65Ct5rLPxCQDnP4StSeWZruxy
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1