Analysis
- max time kernel: 57s
- max time network: 133s
- platform: android_x86
- resource: android-x86-arm-20240624-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
- submitted: 17/10/2024, 13:53
Static task
static1
Behavioral task
behavioral1
Sample
52486ffd19962d05d3d497ff8f417cf2_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
52486ffd19962d05d3d497ff8f417cf2_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240624-en
General
-
Target
52486ffd19962d05d3d497ff8f417cf2_JaffaCakes118.apk
-
Size
2.2MB
-
MD5
52486ffd19962d05d3d497ff8f417cf2
-
SHA1
a262600c4daae5ae2aa39027351c9ad3211c0b76
-
SHA256
7ce7e1472f5d44c43eacf58954d1336f8acbe6b843a45354f369ce337617d383
-
SHA512
bd0be580bc22a85a6387b8fb6f9aebed0b673df736e5f60c117f61b8633285950370434fbd0900dd2d6dc27609c786f14e883d86922e38e202847c4e1644bd3b
-
SSDEEP
49152:SLqbZen8uBWL4/9CZthxK7uRGFjehIzlnT9dsBLQyc:D08uB2qYtqScd9dos
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.huanzan.app
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.huanzan.app
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.huanzan.app
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.huanzan.app
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.huanzan.app
- Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.huanzan.app
- Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  process: com.huanzan.app
Processes
com.huanzan.app (PID: 4262)
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Downloads