Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
51s -
max time network
154s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
-
submitted
09/10/2024, 00:46
General
-
Target
27f277eae2ac1f2337eeba16c4e4f2fa_JaffaCakes118.apk
-
Size
6.3MB
-
MD5
27f277eae2ac1f2337eeba16c4e4f2fa
-
SHA1
88de663699cdb0764e6e3882bbdfe5bec545ad55
-
SHA256
ee8325e4b62aac55bafc7d9ac1cd57573152f77595b33cc20b1bad1d08fb4027
-
SHA512
e704531ddc2a295c641d8bb053dea1a27d1112d29cbe64d84d6c84c027f0ba1ee40d4ec11b3a04bb5d46fd02e25391fa1a8ed81d0e839c77f1a7f8cf02c89529
-
SSDEEP
196608:JmxH1eWhIxRNPNyZjYMWRyEaM9GFSE6Fzyi5bDo/:011thIF6YPhaM9GFSEH/
Malware Config
Signatures
-
Makes use of the framework's Accessibility service 4 TTPs 1 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries information about active data network 1 TTPs 2 IoCs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.baidu.appsearch1⤵
- Makes use of the framework's Accessibility service
- Queries information about running processes on the device
- Reads the content of photos stored on the user's device.
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
-
com.baidu.appsearch:locationservice1⤵
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Requests cell location
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
Location Tracking
1Process Discovery
1Software Discovery
1Security Software Discovery
1System Information Discovery
2System Network Configuration Discovery
1System Network Connections Discovery
3Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
128KB
MD53aab74a36c76458686c08b26be2a0a7e
SHA1224993b0b9027debd68af0ca20d563b1bfbdc3d1
SHA256bea97c4512bc63b981401d8f5a1cb94316ce41e906c42271ab53099d6486a37b
SHA512ef2b24befb2f49b8474ddd0ba9199a086e36181807685fd973d977c257b745a793d227a89f692911b23ac67beb88fafe3371a79db9783fff75dd8ae2aeee4542
-
Filesize
512B
MD5dc93ad3ba4275eab967868bb55e1f86f
SHA1e8bcbe1d22567c78e3fbd303dbecdf88f60b81f5
SHA2560e869649b5a1848009ae0e2343444df0afd070342984257348c41806788d6dc7
SHA512535fc6e45ffba57363af82ecf2345021cf58550ca19dd5d18e9e7818e648f82edf20000d7b1b31653e917dd36ad691b19445b45a335a917d5edf27e91260a3e7
-
Filesize
406KB
MD5ce8acc25f044b53db01afe9158c87d4e
SHA1fda676a682d145b010ac57c1a72c8415bbc958c3
SHA25600c224c0e19f81cba63b55ca1bf53151a6b6baf9cd66c491a4e5c12fda4f29af
SHA5123076ebe982df92bb375bf9eb06a84c2a67059b762c8607eb4e3e338c9298a723bcaae1b9e82caaa91bacca43b96343d746f90827231ece75e91251bbd2b1cd5a
-
Filesize
512B
MD5686ba27630f92f61d88fa3e5edd0ce9a
SHA17ca75d63601d990e5a97906d09e8af440336a71a
SHA256ed85e0f414ef943391bbd5678d908a742de13d1a4edd3f51cb0fcf7ba2c18ff8
SHA5120ca66b335cf0c6d44b4ea4d26769bca4195da71a48799756b0b8cfdf1f533733f718728f854809dc4c24f877df41a7c23c2af8cf7f4115bfbd142b29216434f2
-
Filesize
32KB
MD53a8a7760047df71d4eb725588c76d6e5
SHA1547c5e40942741edd284da178d47effe4133888f
SHA256968adebf9e6484f6734f3057bf888b34e38d2349f105670b25edc50286aa6b34
SHA5127116c81ac6a5bb975037e9cb91fe449d71c74dbd85488b5e34c0fe374727695039f8b823d338c02e989627068d10b8ca9351b0ecb5c3065cf5372d66ccf8e229
-
Filesize
512B
MD52e71eeaf56c40f7cfc9c4cb2d7becde6
SHA168911030ef8326142b3bce935248bd1944197ffb
SHA2569946b0a6f349edc30949c207c2c9c63008c0d73cdbbd9691e0ca3e84cdebc5b8
SHA512b58548a27adad0ee2f1149a25bcd3758ad9d81a9541bf0bc2e029f25b496d06fa99dda18c5e9b098fc967a2321e1be2e2f84af64493637315406ce421c1dc1ef
-
Filesize
32KB
MD5c0c04b44344ed958bab5849af82e55b5
SHA1025b14dd4509630962e59be389312ceb16a62ff0
SHA256f783c0f0b664753341d733e09035fc5c0eeade188e09dc3fa4f6216f9d0d3d7a
SHA512968426bd097dcca100072ad1e1dec81283b77efd46984c77f47c1d01917cea682b58cdf898e6c31445f9d35f7397cdec1ad3dd9e3fe44fbfdd74f53ed4938c38
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD545cffdcf2424dbab07c7f47a7dc8e4d1
SHA1d68fe1834d4ef716e60da15e01dce680598e7afa
SHA256ebbe1fe9174efe9afd5f05f17a0d86795d4bcea229d2ea7c2043cb9b0e5a4c27
SHA5128a9778dc9a77e6bc39c47324c09a0b854c96bae62ad3e3cca97f742bb8e4fb7643fb6ce1aeff40820a565b4421ad70ed61f572db54598dfa85b33c30fb2c04c1
-
Filesize
32KB
MD59963593783123ea56d8f8759072b26fc
SHA1a84a4eeaffd32adc88dbe2ff4a27bc03e8909423
SHA25675ee0b14bc1735ed4f74913232114fa3470e50244b4fb1721a40aec802783d58
SHA512fa7f9be0084d9882c89b1aead24ec16710f0926a2d57aa8956286a9d83630c4728dc46cc9ff46e13a7894f0d71bc82766adbf77850951c2fd1283ab8e21312bb
-
Filesize
36KB
MD5a266eff3a229620da9966972045a3eb5
SHA124c2bcf0ed05e5ce98951f875c9eb53e3173b1db
SHA2568895bca490da9a90ec386bd2ecc7b8efe79c461a3d467fc1f6a6cd415312cdfa
SHA512ebc88c0fb2f4acd8fab6b0fe30d9654743701a7c5a28b5c76f8adea951a5b15628542c825df2c5a44106312bdc036e524a60b91d38da1261ab5485f701f3b2ed
-
Filesize
512B
MD5f13c732b641b4fb495dcf5685f085204
SHA1b400ea675ec4dca0640db0a7573b29725009ff71
SHA256adebc03b5f705b883f07d912570e6456ff56393df9b624620f6b49d3e5b99a0d
SHA512e555af793689adaa726cb9e90ced31f7c8da30e5d1cd519451c7a46ae9b0057d872052f549529478796525494d00caea97849785ad1c72eff27b3fba102dcac5
-
Filesize
32KB
MD5561617007e63703b34f9fa53bf59c808
SHA1a23347a6b5fd10e9e8dcc51c8180e18f6aa591ff
SHA2561cb79f48ebaca44e4ae80443a2ea64de353de121bf79f6ad2c44041119397449
SHA51208afaa0d76e210278e8aebac1bd052e2276367551b66e9256ccf75e88ff92aa7062fe3093ca111ddccf5ed1819d94d4d544fec888475bb9ecd950366017d5e26
-
Filesize
32KB
MD51c4274aa7a9a5cac8c6d1df71e4588c6
SHA1abaecd685e01cc68801292e3dc7085654a22feba
SHA2563f6cd5f480ae69859b7841450f3d032c528ba385ebf9f371b9c8fdc6eb4231be
SHA5121adb95935798607bd36cedcd183924d3068f50097d017b278da7caee7771532b61ec3606f6189b6dec8426eb038fe40be75079ce35894b1a8e0d1d815261150c
-
Filesize
512B
MD58e9796b7c7c264d8eff4eecd198db4cb
SHA1815270442b79dd4d0ad39e58640eac188c531153
SHA256f10008bcf3b7e9b74e85e437c3b03a3167c6337cf053ab31ab69115cd62c823e
SHA512434e36b6c956cea52740c14301f064f412b46118dfd3321096ed872b5b10bfd505063e60bed0ed7d264635ad7fb031d55675e5089125675c282ef1809c9ba3a8
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
28KB
MD57108812e7b627c27a4846d038e2951e8
SHA13b9586ce70f20daf894a9d564feb4f556a2ebe9f
SHA2566a4c1b7ef221ad5e698bb2be095975e31920fa6bfe2e8982e9f3b7c13f8698b5
SHA512de883d1a25dc812c1735751eecc0d3f0b4afaaca7fbebf07d4a32dcab5defbb7beec7661cc76ac9abd2e2f0585549a4e89c8f01d99c99247762b620e2a0c9e99
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
104B
MD5aa99e996d8e3f4c556611919e8317a75
SHA1075ed5a135995c477b9ae39952769571f2ff31d3
SHA25640591fabf0fb51bc6491fcf820ca0e3bf1b273d44435424fe26b8d576b23fa4b
SHA512c58325e4ac668c3c370f6d4a437d67b5e2b8d6da17dcc51889e9581878f1390eb8d48c9ba4c4adde9ed888ef82016333b5bc767524b1c21b595064360e8cde01
-
Filesize
25B
MD52d805b13f2f28dc3ca9bbcc000f49bb5
SHA19eac165b4d81258fd3967cde5cc53b53b1dabcb1
SHA256c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19
SHA5125db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0
-
Filesize
89B
MD51f420b5580a14f8f014e125ac718df9c
SHA1541916323bfc2334ffead835fd1ad6d0a0cf6a3d
SHA2567ac8585842e620fb5ae46e6c273e1c4bf0434ac453924e262b47f216e711c1a5
SHA51237aad431896b327e849f6ce57993aa02de571270716a2202662a401addb96721d362bf9d80f31b42d4c1692af32204d2c786b7183dfb099d416c32a734fb8e1f