3e7fe6362e89073cfc42eba4661ef1c44fef918dcaa53eea01a215f60242bd37 | Triage

Sharing

General

Target

96dc778d09ac69f1eb367644fa4ded1e_JaffaCakes118
Size

7.1MB
Sample

240814-va4jcasfmb
MD5

96dc778d09ac69f1eb367644fa4ded1e
SHA1

73a212ed819d2004cbdfa51120ea325ab676da89
SHA256

3e7fe6362e89073cfc42eba4661ef1c44fef918dcaa53eea01a215f60242bd37
SHA512

7e6a8cadfe838fd9136050c6ce40db8e489724ba295250434fb60e7b2e2e42f70c11a2b8a3aa38dacc605f965d970085ca007bcb2581462953b1d4d115c1d279
SSDEEP

196608:WFetTtA2li2T8vi/zgJpi4JInjCge3QAH9mbq6f:dyomp3InjCgtNf

Score

6^/10

android persistence

Malware Config

Targets

- Target
  
  96dc778d09ac69f1eb367644fa4ded1e_JaffaCakes118
- Size
  
  7.1MB
- MD5
  
  96dc778d09ac69f1eb367644fa4ded1e
- SHA1
  
  73a212ed819d2004cbdfa51120ea325ab676da89
- SHA256
  
  3e7fe6362e89073cfc42eba4661ef1c44fef918dcaa53eea01a215f60242bd37
- SHA512
  
  7e6a8cadfe838fd9136050c6ce40db8e489724ba295250434fb60e7b2e2e42f70c11a2b8a3aa38dacc605f965d970085ca007bcb2581462953b1d4d115c1d279
- SSDEEP
  
  196608:WFetTtA2li2T8vi/zgJpi4JInjCge3QAH9mbq6f:dyomp3InjCgtNf
Score

6^/10

persistence
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
behavioral1
- Target
  
  com.skymobi.pay.appui_v1001.pl
- Size
  
  531KB
- MD5
  
  f6bc3163820e842801b280fa11b5b859
- SHA1
  
  df91713645347c705641f1e2e98e3f808f4b98c7
- SHA256
  
  1a933814884bc46c2cff9561031a4ff96b28dd24aef8214f7c773cc246920814
- SHA512
  
  b1881f039f475b0f09e143709ddb0b1a75bfa28979b0c1c14bf837c9b06852a58a081e174895d976acbbb0775d6dd354e316750e6e0adecf47b83a57b9f820cb
- SSDEEP
  
  12288:bFFloyBXaz13tuRdxmewhMY+pDxHpS6E+Eu4kVBOKpTUafT:7loSS13tEdxmvMYGHge4Kwab
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  com.skymobi.pay.plugin.advert_v1003.pl
- Size
  
  48KB
- MD5
  
  b3426df707ccbe39954ad25b4da53dc9
- SHA1
  
  f86afdfb45186172911dd0e74472f37c356c6860
- SHA256
  
  129a1ef3cdb1da9b6b69d3b23e930995b51d3fe460ccb6019bb424b442198bc9
- SHA512
  
  80e61979a755ce8c32ef001eaa507fe247449d2fc0947b2fd62fecf863ee079911f74f8939a647a3ae6473b705e29ff211827250f4afb5f0357a264c759cb8cf
- SSDEEP
  
  768:BWetF4+72ldSxx9MA35NRfrVfsdIGOYaOolrjnRDohmkqxgia3/9sa01ZuFW:BWb+7ASj9VbRZkdDs9LRFkqluVv01OW
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  com.skymobi.pay.plugin.main_v1005.pl
- Size
  
  50KB
- MD5
  
  6a2f8961c75ff474d6e62f87d2ae700e
- SHA1
  
  6322a924e3e533a5fd556cec52c2e4f4c0580464
- SHA256
  
  83d06c3c2c9e52b7703409b33900e86f6954e4946dc475ce7538a86b76f94c9f
- SHA512
  
  6aa3badee9e9d2637eed62c4c582c630cd0bb5b9b622f025b10f7435fd10d7934857f2470e70de80e3c20e1d04681d48d82041ce324febe1ba258677b2b195c1
- SSDEEP
  
  768:WzcBtm6dJ+Sjg00NLj7UPDaUJlEqItB1uvxbn+ufYzxV0NewmHJit8moez+d+:W01dJrgH7uzu1uBnNfU0estoezG+
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  com.skymobi.pay.plugin.push_v1003.pl
- Size
  
  79KB
- MD5
  
  ae7bb4621772d44c44b85ffe4a165608
- SHA1
  
  4acb4237b9fa60661561aaf0c666c71256fc7db3
- SHA256
  
  edac317e9f2e37fb6ecde4a5d431e437ffb26d8dbbddb38fc00dba5f43ddda18
- SHA512
  
  4035445cb54076159347ac87d80bf5277936f5dbda163687aa775cf1710f1a700a02147ddd906fdae706c600a6d6a1cce342e8e1a623a8f016dab904c32d4a2e
- SSDEEP
  
  1536:w6Qaxs/9k3o69mdYEpwnieBFsNzzRR3hLC+J+5WL3S+XNU0:JQuak3oLYeeBFsNRnJ+5WlNV
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  com.skymobi.pay.plugin.recordupload_v1005.pl
- Size
  
  40KB
- MD5
  
  2149a6f83bd5ada02f9c4e66e1f16378
- SHA1
  
  7ed873b29c8088a704ec57c59a5e5847051e9a9b
- SHA256
  
  5b861e755afb702beaf86d00148acd272bef338e5f6bfd23d4e95ace55f6f6b5
- SHA512
  
  18782ffbfe29159d509258db437029381cf2a483bd677ac7a71c1d27462a76f9aa754f45606e292fdd48d401c18954a3532066c4e0c8600e03bf538b5987d920
- SSDEEP
  
  768:lWkC2BYtQRjlDiMfr/p8a2uBiOkN2sgxtqh+fBQcfwDkMoI:lWkC2StQtfr12uBiOkCxccfBQsTzI
Score

1^/10
behavioral14 behavioral15 behavioral16
- Target
  
  com.skymobi.pay.plugin.smspay_v1004.pl
- Size
  
  184KB
- MD5
  
  7d34896cb40a3e79475c045db6eeaa05
- SHA1
  
  c1b35cd2cd5e5f13247f6262dfb58f4deee07078
- SHA256
  
  7a5a389627e9c71fb3668ebe31477a8e240580934e9fd168a2d0605bd64b24ac
- SHA512
  
  c696d6b1ace8c4065f3c947975d183dd022aac83ea799c680708524b44c327a5168be422806b3ef2728d854d6d21529f00b39f78fe7891f3f38d1b452b2c3df0
- SSDEEP
  
  3072:LWsZHnhp7OwepeDmhds+u/AQTmSAhbFw6r8hWX1zrb7Dw9GYCA5sfCYZJJQpotct:LHZH/7pweDcslAQBGbC6r6WlzrrtY1Ac
Score

1^/10
behavioral17 behavioral18 behavioral19

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19