General

  • Target

    10468aa342f67971d8195367645286af_JaffaCakes118

  • Size

    702KB

  • Sample

    241003-yfhevawhjd

  • MD5

    10468aa342f67971d8195367645286af

  • SHA1

    850444edd45e36b5564303cc1e307945edb51260

  • SHA256

    becc9aac3788b294a60bc1af4689908c6d28db1022e12b0557e61d29f4e6cfc0

  • SHA512

    bae79892cff59b0660226b4dee35f087cf375029c16107343e86fb815bc53b5426bc34d341e15c687328cc5b9e5877dc3370d11bf9ea84365298a17217663335

  • SSDEEP

    12288:k5WvCdFywWsOqq+5+apmK2PGxwnmHrgUu+:kImyvqq+r4PmwnmHsUJ

Targets

    • Target

      10468aa342f67971d8195367645286af_JaffaCakes118

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
