Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0091f328f9f53232050d7d0ef9b8cb95_JaffaCakes118
-
Size
6.0MB
-
Sample
240930-k9velssakg
-
MD5
0091f328f9f53232050d7d0ef9b8cb95
-
SHA1
a66040f1c88dbfb331c03b3d3e2ff96a9afce37e
-
SHA256
02b0526d87c925cfaa01f86f5553a8c4060f3c4a9e580e98cc350eeb140dcf19
-
SHA512
6d0124d537f412555b6a131ab44b02c7784df5f55707323c7fa65d54e06cd3a0807b29ffcc6a9c05027cf7befb0a65155c6f5a69a936a2ccbb18306de527f470
-
SSDEEP
98304:Elv1V94Ku0cLAasDBxdPdWcASzR83R2aN0ow9X7omO4qigIU:yv1VfcLAaoBxdPcVSzRsR2aNv+LomMPT
Malware Config
Targets
-
-
Target
0091f328f9f53232050d7d0ef9b8cb95_JaffaCakes118
-
Size
6.0MB
-
MD5
0091f328f9f53232050d7d0ef9b8cb95
-
SHA1
a66040f1c88dbfb331c03b3d3e2ff96a9afce37e
-
SHA256
02b0526d87c925cfaa01f86f5553a8c4060f3c4a9e580e98cc350eeb140dcf19
-
SHA512
6d0124d537f412555b6a131ab44b02c7784df5f55707323c7fa65d54e06cd3a0807b29ffcc6a9c05027cf7befb0a65155c6f5a69a936a2ccbb18306de527f470
-
SSDEEP
98304:Elv1V94Ku0cLAasDBxdPdWcASzR83R2aN0ow9X7omO4qigIU:yv1VfcLAaoBxdPcVSzRsR2aNv+LomMPT
Score8/10-
Checks if the Android device is rooted.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of SMS inbox messages.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
-
-
Target
com.skymobi.pay.appui_v1001.pl
-
Size
149KB
-
MD5
132f2edcaf9b77f4b23e5e10f97f87fa
-
SHA1
6b43eac7c6cafce26b8db6dcd5ba0868397ddf51
-
SHA256
120e2e0119750d6fb5b797072aa316eadbf1cf07e5b31f02d76a2f5301f9c023
-
SHA512
bb38593cb15a8a36dee414ed5126e40e6693193224e49e4399c2421dc863f6cdb984716ee35a5eb5b6880aa569ec10f770664d0728309aa746ec1839b3748d67
-
SSDEEP
3072:7k79N/nc80WMU6Qr5sCobVwBM1qmEXt0BIaurLxEOWU+0PWYLz0zz1Z:7kLdNs3bqM1qP2BIaurFKJcy1Z
Score1/10 -
-
-
Target
com.skymobi.pay.plugin.main_v1005.pl
-
Size
50KB
-
MD5
6a2f8961c75ff474d6e62f87d2ae700e
-
SHA1
6322a924e3e533a5fd556cec52c2e4f4c0580464
-
SHA256
83d06c3c2c9e52b7703409b33900e86f6954e4946dc475ce7538a86b76f94c9f
-
SHA512
6aa3badee9e9d2637eed62c4c582c630cd0bb5b9b622f025b10f7435fd10d7934857f2470e70de80e3c20e1d04681d48d82041ce324febe1ba258677b2b195c1
-
SSDEEP
768:WzcBtm6dJ+Sjg00NLj7UPDaUJlEqItB1uvxbn+ufYzxV0NewmHJit8moez+d+:W01dJrgH7uzu1uBnNfU0estoezG+
Score1/10 -
-
-
Target
com.skymobi.pay.plugin.recordupload_v1005.pl
-
Size
40KB
-
MD5
2149a6f83bd5ada02f9c4e66e1f16378
-
SHA1
7ed873b29c8088a704ec57c59a5e5847051e9a9b
-
SHA256
5b861e755afb702beaf86d00148acd272bef338e5f6bfd23d4e95ace55f6f6b5
-
SHA512
18782ffbfe29159d509258db437029381cf2a483bd677ac7a71c1d27462a76f9aa754f45606e292fdd48d401c18954a3532066c4e0c8600e03bf538b5987d920
-
SSDEEP
768:lWkC2BYtQRjlDiMfr/p8a2uBiOkN2sgxtqh+fBQcfwDkMoI:lWkC2StQtfr12uBiOkCxccfBQsTzI
Score1/10 -
-
-
Target
com.skymobi.pay.plugin.smspay_v1005.pl
-
Size
184KB
-
MD5
1a4244d8d15916c458745b86d5d93aa6
-
SHA1
83bdfea695fecbe66b4936f0a28173810bf7a584
-
SHA256
18960f77dac0fb8902306863b55bf8e7f98842217b7b70e1bb7a93a644551149
-
SHA512
2a6b579bc74d3d7767f934664a6622d7d54cdd0b00a701ddfa055b3c87216998c6c321860d3b01501b272ae736b550e10c665dbab052aa7ca2c1a1726930b00e
-
SSDEEP
3072:KO8zxxS4MAVSOOzdLtAAv/HOIpnO4J/4LKyBMT+GYfqFA5I0BGmgWbCiw5/YZ3z5:KOkXpMAV3OzxtAA3BdO4JOo+GGvtGubh
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1