Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9a6a0065d3...18.apk

android-9-x86

10

9a6a0065d3...18.apk

android-10-x64

10

9a6a0065d3...18.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9a6a0065d390836ece27df30ba14db7f_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240815-rxayrs1dlm

  • MD5

    9a6a0065d390836ece27df30ba14db7f

  • SHA1

    0cf21e39120f41f5c96360faa9260443aa9db809

  • SHA256

    4da1a07d52db4243c001d32265f0a1951091bfde058c4919ef2e973a24c2a8ca

  • SHA512

    81d1302021d133b802a8b6ca0252097a7cf2bcd6930ed7881c1996652de2adc66348c66e2183b16865f08d3b5df0c7f1b576a5dc0040e99fb931783e498146ec

  • SSDEEP

    98304:1zkLWIFcjwYlBRHXs+53WlmBmVg0sN50dy4/X4gWgDQB1+SqfaHVxgw:1zwTFcEqBRsKou0sNbSogWgcBQk1xgw

Score
10/10
smsfactoryandroiddiscoveryevasionexecutionimpactinfostealerpersistencetrojan

Malware Config

Extracted

Family

smsfactory

C2

http://smartlink.mobilelinks.xyz

Targets

    • Target

      9a6a0065d390836ece27df30ba14db7f_JaffaCakes118

    • Size

      5.0MB

    • MD5

      9a6a0065d390836ece27df30ba14db7f

    • SHA1

      0cf21e39120f41f5c96360faa9260443aa9db809

    • SHA256

      4da1a07d52db4243c001d32265f0a1951091bfde058c4919ef2e973a24c2a8ca

    • SHA512

      81d1302021d133b802a8b6ca0252097a7cf2bcd6930ed7881c1996652de2adc66348c66e2183b16865f08d3b5df0c7f1b576a5dc0040e99fb931783e498146ec

    • SSDEEP

      98304:1zkLWIFcjwYlBRHXs+53WlmBmVg0sN50dy4/X4gWgDQB1+SqfaHVxgw:1zwTFcEqBRsKou0sNbSogWgcBQk1xgw

    Score
    10/10
    smsfactorydiscoveryevasionexecutionimpactinfostealerpersistencetrojan

    • SMSFactory

      SMSFactory is an Android SMS trojan malware first seen in Jun 2022.

      trojaninfostealersmsfactory

    • Checks if the Android device is rooted.

      evasion

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks