Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
40b24d5954ac4d5830950afd5dbc8b46_JaffaCakes118
-
Size
1.6MB
-
Sample
241013-s6hkmstgng
-
MD5
40b24d5954ac4d5830950afd5dbc8b46
-
SHA1
020a7e076b378c76de3e02ca0c57b619b69c88af
-
SHA256
77fc9dc812fc22caee9452dbde1653ad4b2d62977847fd4feedc87f997ff76c1
-
SHA512
b2bf21f8b2f3d53060d88cb8062f09b341ab04b5937633af16241c937ab1dfb10200a3d2379ae163ada1243aba7ce8f5a344ea00624090eddd68d6d9534e0c9f
-
SSDEEP
49152:mgYzgjGbPo+jQaxslyfssDxJTePUW/Gbd:mIYP9jQtIjTePXEd
Malware Config
Targets
-
-
Target
40b24d5954ac4d5830950afd5dbc8b46_JaffaCakes118
-
Size
1.6MB
-
MD5
40b24d5954ac4d5830950afd5dbc8b46
-
SHA1
020a7e076b378c76de3e02ca0c57b619b69c88af
-
SHA256
77fc9dc812fc22caee9452dbde1653ad4b2d62977847fd4feedc87f997ff76c1
-
SHA512
b2bf21f8b2f3d53060d88cb8062f09b341ab04b5937633af16241c937ab1dfb10200a3d2379ae163ada1243aba7ce8f5a344ea00624090eddd68d6d9534e0c9f
-
SSDEEP
49152:mgYzgjGbPo+jQaxslyfssDxJTePUW/Gbd:mIYP9jQtIjTePXEd
Score7/10-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2