Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2b65f12fb684b54738fdbb58d9cb47b9_JaffaCakes118
-
Size
9.7MB
-
Sample
241009-fsjjka1dlr
-
MD5
2b65f12fb684b54738fdbb58d9cb47b9
-
SHA1
8e04054e31b1ee27934177b3f80a5a49eff9aae2
-
SHA256
bc2c81e4b08c5d5b533ea95e937dddb761c2cafd548ce0c2a6a39d6048b63c07
-
SHA512
568573e30d7e30902d328ebce59d0088587f5724eb1766f3ea67e4dcb0dad7ec471fd5b982fc790a5016d2f61ce3fcbb7180589c0e7056d05a4b302ca3e5adfc
-
SSDEEP
196608:Bb5SOl7OjNA8UqR1rr7aDFJPSN8Q4lGrF1ToLC9eu5rJqCG0x2FCPL:2aOjNA8UqR1rr74y8Q4SFSCZjxRPL
Static task
static1
Behavioral task
behavioral1
Sample
2b65f12fb684b54738fdbb58d9cb47b9_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
PlayerUIApk.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
PlayerUIApk.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
PlayerUIApk.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
2b65f12fb684b54738fdbb58d9cb47b9_JaffaCakes118
-
Size
9.7MB
-
MD5
2b65f12fb684b54738fdbb58d9cb47b9
-
SHA1
8e04054e31b1ee27934177b3f80a5a49eff9aae2
-
SHA256
bc2c81e4b08c5d5b533ea95e937dddb761c2cafd548ce0c2a6a39d6048b63c07
-
SHA512
568573e30d7e30902d328ebce59d0088587f5724eb1766f3ea67e4dcb0dad7ec471fd5b982fc790a5016d2f61ce3fcbb7180589c0e7056d05a4b302ca3e5adfc
-
SSDEEP
196608:Bb5SOl7OjNA8UqR1rr7aDFJPSN8Q4lGrF1ToLC9eu5rJqCG0x2FCPL:2aOjNA8UqR1rr74y8Q4SFSCZjxRPL
Score8/10-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
PlayerUIApk.apk
-
Size
137KB
-
MD5
3f66897579c9e5730de68c839139e4ce
-
SHA1
e9a738250bcf44a5960de6d9221ef37ab9d3ce2b
-
SHA256
fafcd67ff9e771a1ba662aaa02c89edd7b2ff5716e7c81614b406fc954f00e9a
-
SHA512
196c1104c8ff4bf15cf5355386a1bf390ac65c94e82802309a206981c2dd45dc832d140c04cb1e04e8bb158b503f5f6b34940761baedc2334e507e7293ada275
-
SSDEEP
3072:O8a53lg1mvFoI4FV+UOb8v5dp32QbTpfyeAN9GKIvuV87S36:XAKWiv+UFvVlTJyeCBIM8Q6
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2