General

  • Target

    fb833cdb0bb1a7ffc9190ff366cf0cfa_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240928-e7nw6azdkc

  • MD5

    fb833cdb0bb1a7ffc9190ff366cf0cfa

  • SHA1

    5340c06cc99bb6fbb7700f8f85aa7b3da45bb74d

  • SHA256

    6041b3e0b3b1b88b0c93f26a58a5d1f35b3552d4af92b500a07fbb7f32cb4f01

  • SHA512

    1f57369d9705941ed382065660c52fe8281b89a7bc5bd0d231b903f534cd6d1413609f3d45a473e1514cf84bd6e91925ccec690d1a668a4dcec3b9091a3ff535

  • SSDEEP

    98304:mrfZdA3eOQGLVqAQ7MZPwz9Vqo9AuICisplUhii22Sqfapn+2Au91:IbA3bQGLLOKa9xGAlDifIp+2Au91

Malware Config

Extracted

  • Family

    smsfactory

  • C2

    http://smartlink.mobilelinks.xyz

Targets

    • Target

      fb833cdb0bb1a7ffc9190ff366cf0cfa_JaffaCakes118

    • SMSFactory

      SMSFactory is an Android SMS trojan malware first seen in Jun 2022.

    • Checks if the Android device is rooted.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
