General
-
Target
aad37a0b5946bde3b8d9973d0ae6e1e9_JaffaCakes118
-
Size
2.9MB
-
Sample
240614-vnahesyhqg
-
MD5
aad37a0b5946bde3b8d9973d0ae6e1e9
-
SHA1
1e95721336d8255adbe3555745e23d7d94b2a8d6
-
SHA256
fc4a9ef434e62e439c44ca63154b8d611361ceef3496e25f43a3a25282950e74
-
SHA512
048aba7f9cefcba66ce589ab7503a91e9106db845d664c109e5ca49aafa4d4cbe5ebbe1d18ad13b580ba264dfdc56f1d8328be00d4260d477b99cca293dfc3f6
-
SSDEEP
49152:NvbjijYXLALHS6T36z90cTpUBnYdQKuFZ4JLrIQ18Da6+qeT6KRvypRvy7KFmfm:dbj7B676BBdUWdRsiJLjGa6A6k+jym
Static task
static1
Behavioral task
behavioral1
Sample
aad37a0b5946bde3b8d9973d0ae6e1e9_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
aad37a0b5946bde3b8d9973d0ae6e1e9_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240611.1-en
Behavioral task
behavioral3
Sample
com.newpay.spsdk.smspay.zfmgsdk.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral4
Sample
com.newpay.spsdk.smspay.zfmgsdk.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral5
Sample
com.newpay.spsdk.smspay.zfmgsdk.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral6
Sample
com.skymobi.pay.plugin.main_v10015.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral7
Sample
com.skymobi.pay.plugin.main_v10015.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral8
Sample
com.skymobi.pay.plugin.main_v10015.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral9
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral10
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral11
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral12
Sample
com.skymobi.pay.plugin.smspay_v10039.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral13
Sample
com.skymobi.pay.plugin.smspay_v10039.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral14
Sample
com.skymobi.pay.plugin.smspay_v10039.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral15
Sample
skymobi_pay_wxplugin.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral16
Sample
skymobi_pay_wxplugin.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral17
Sample
skymobi_pay_wxplugin.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral18
Sample
unicom_resource.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral19
Sample
unicom_resource.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral20
Sample
unicom_resource.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
aad37a0b5946bde3b8d9973d0ae6e1e9_JaffaCakes118
-
Size
2.9MB
-
MD5
aad37a0b5946bde3b8d9973d0ae6e1e9
-
SHA1
1e95721336d8255adbe3555745e23d7d94b2a8d6
-
SHA256
fc4a9ef434e62e439c44ca63154b8d611361ceef3496e25f43a3a25282950e74
-
SHA512
048aba7f9cefcba66ce589ab7503a91e9106db845d664c109e5ca49aafa4d4cbe5ebbe1d18ad13b580ba264dfdc56f1d8328be00d4260d477b99cca293dfc3f6
-
SSDEEP
49152:NvbjijYXLALHS6T36z90cTpUBnYdQKuFZ4JLrIQ18Da6+qeT6KRvypRvy7KFmfm:dbj7B676BBdUWdRsiJLjGa6A6k+jym
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
-
-
Target
com.newpay.spsdk.smspay.zfmgsdk.apk
-
Size
95KB
-
MD5
25cdc4eb758d0a793c61da97a2c02a9f
-
SHA1
dcaf1d357c8dd5e131b65d0eecfc509a93efdc1e
-
SHA256
0d1300ee97decedb4a6dc4a0304779ba475153fc1185f39d92d2df4865416866
-
SHA512
94bd124255b13fab7a20c14994666a4ddddc5c83890a01220db562225dadf7589377d01365840802dd5cc36b89a77a3dc8f9bd15067abed721f1b36b1cf89927
-
SSDEEP
1536:uOioreFZ+v4Dx0XUvVBqCqG9UnLEFrzZF00AEOHlveECCNwl4iu+G8aAWDKsF9kQ:uPoreT+wDx0QAyrzZWA3CfRnjKckxuGQ
Score
1/10
-
-
Target
com.skymobi.pay.plugin.main_v10015.pl
-
Size
59KB
-
MD5
af3d9be42c31205f5c5835876219a080
-
SHA1
94ee91f71c77d45efcbc3a5b41c1153b9eff2bf4
-
SHA256
09a1eaa8ea5844ad9fa0cc8ac61848ad769d62bf90fa9b15d2aa21a9fc593413
-
SHA512
51903ef751775c31e4a1f5f1190deaee2d50c93d5e36968045c67e446c7545c1cb12f26575e9d741a258a5882fbe357ac1657f18b9eca995bd533700828eeff2
-
SSDEEP
1536:+wSyx28ZQi8KwGltzgA4iPBUFOIWGpJj3CqgOwETU+gI9nuTk:+wnx//DwiSGgOW7Cz9yb9nuTk
Score
1/10
-
-
Target
com.skymobi.pay.plugin.recordupload_v10009.pl
-
Size
39KB
-
MD5
389752c98285491ec0245b2e5cd41363
-
SHA1
eb5130e959314cda0c762ddf8e19fe0a9a6c79d5
-
SHA256
790966b840b1ddc049d87f682c83ce73aed0b3890e2d26e36b1ca390e0aad019
-
SHA512
2b2de3ee7dc5dfe9574541373032f6355adede8ec5cd1ea5ab2a67849c1107fb4abdc98a08efdf9c8a9f5747dca291b475d64d75595404f4d0256a01e131a09a
-
SSDEEP
768:GAuuiz2kmTfvaI3u3QKZTUeHHktBypJHajfMvN+ZPpiT63wCNcU5B:YyXd3uRRdJHB+ZRiTyv5B
Score
1/10
-
-
Target
com.skymobi.pay.plugin.smspay_v10039.pl
-
Size
248KB
-
MD5
f7b9113f2220d0c9bafb01c3c1864e5e
-
SHA1
40e8abb05c69f87a9e4e723885e6855d177c44e5
-
SHA256
229dc2c46231d85e6b4298f7e6a067df9840c754d4b1440e2e9594f92d000040
-
SHA512
7342091212a23843a2d5d4d9ef18d3aeff8d3c27657f4ece882f0a90844c00ee6b6179de9c750c3050468ed3aaaff46c37f6b966110b65b22c59330d2f614756
-
SSDEEP
6144:M5djDaCE+IKyOhmkHkj0cCTfT/YPoUt75p3KV8zaqqD1:AzE+aOfTOZtFxaDD1
Score
1/10
-
-
Target
skymobi_pay_wxplugin.apk
-
Size
33KB
-
MD5
73d8a99bf9de4eb876f1739627197190
-
SHA1
135f99fe90f129274c74f5c9b032294bfae3d05a
-
SHA256
6d6f22a6688689b35a723620794bc03e958a69e1770073bd921d3c6129733f26
-
SHA512
d5d9068f5fbf3c85bafb8edf084c40e4411814f02542cde120815951c6a2cfae78a0b08f930ef7143f10145ce0abcbd942c44f54afbb0d963ba47c653a162049
-
SSDEEP
768:iwFX6Lei59coj/94ML6plol/S54bLhWQeJ:iwF0t5jj1/LMcaivhWQC
Score
4/10
-
-
Target
unicom_resource.dat
-
Size
64KB
-
MD5
92196937fb04bc1bee22e106ea4cf28f
-
SHA1
0c68a181eb63f1a6690e60dfd837b91eb17151a5
-
SHA256
4fcfe4f8c3e7cc3c4320e2a6a3dd3c20f47324f53243e93dd85ad95e387d92cf
-
SHA512
6cda00e6ebe4f6ade964ccab4db83c8363f2def0acd2dd744e1b0048cb5f32185fdfe75aa70d0df38ce1ce52d3d731848eece6f5626f826f891172433fdc8bd4
-
SSDEEP
1536:aWDADrANWprK16KtyiRFtm8clagB/dcfziAWmk2CN:a13ANkxsFto4c/HT
Score
1/10