Analysis
- max time kernel: 149s
- max time network: 147s
- platform: android_x64
- resource: android-x64-20240624-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
- submitted: 05/10/2024, 04:00
Static task
- static1
Behavioral task
- behavioral1
  Sample: 1612b6726ddd17aa7490a5fed9f64614_JaffaCakes118.apk
  Resource: android-x86-arm-20240624-en
Behavioral task
- behavioral2
  Sample: 1612b6726ddd17aa7490a5fed9f64614_JaffaCakes118.apk
  Resource: android-x64-20240624-en
Behavioral task
- behavioral3
  Sample: 1612b6726ddd17aa7490a5fed9f64614_JaffaCakes118.apk
  Resource: android-x64-arm64-20240624-en
General
- Target: 1612b6726ddd17aa7490a5fed9f64614_JaffaCakes118.apk
- Size: 4.4MB
- MD5: 1612b6726ddd17aa7490a5fed9f64614
- SHA1: 9c1144086a4151d43f0349b219f7e0188fc06928
- SHA256: b420c3ca244b91835c6525ff48e4056194b76f609b69ea7a85f82d8013fecb07
- SHA512: 576a26d5d0180a5d5ae0ddd623108d5dc979156672681e603e8e0e33f4bde9abff6c66ad856bafa6992fabb4223466262a7c153d77f4d7b4c1e1384d2a1ef291
- SSDEEP: 98304:qfR5ZgHOTFkcIyCJLggNUCoNgsvMQEw7dCgWrA/m1WZjX9B8WS7QSxYAcZp6:qmu+mCJzNUCVsvAxrAHXbPS7DxYAl
Malware Config
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.swanangel.nHandOfGodFree1
- Acquires the wake lock (1 IoCs)
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  Process: com.swanangel.nHandOfGodFree1
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.swanangel.nHandOfGodFree1
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  Process: com.swanangel.nHandOfGodFree1
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  Process: com.swanangel.nHandOfGodFree1
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.swanangel.nHandOfGodFree1
Processes
com.swanangel.nHandOfGodFree1 (PID: 4937)
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads