General
-
Target
4b9890349ecbf121658f163fc3a5d2d5_JaffaCakes118
-
Size
8.1MB
-
Sample
241016-f7fq8avdqe
-
MD5
4b9890349ecbf121658f163fc3a5d2d5
-
SHA1
b751fce733b97c123539160b0c964334b16c8a0b
-
SHA256
f2d56bebf153ac998707ecc09bd6900aa3a4d13342fd2f1a9020b1971aba9c6f
-
SHA512
71bebfdf8dc7e8547e5789bc39a2be1212b2304e074a0210a584ad422d3d6dd262dff761bbcaf9e3dc73dce408549e6daaf55d062a9c908e8da61419459cfe71
-
SSDEEP
196608:v9ciUJRFKGWNfIs0+G/4D941HFYm7hIal1k2yFkCqw7clp:v9EYGWP0+G/4h41lRyg1k2yFk2I
Static task
static1
Behavioral task
behavioral1
Sample
4b9890349ecbf121658f163fc3a5d2d5_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
Plugin2.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
Plugin2.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
Plugin2.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral5
Sample
com.skymobi.pay.plugin.main_v10010.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral6
Sample
com.skymobi.pay.plugin.main_v10010.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral7
Sample
com.skymobi.pay.plugin.main_v10010.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral8
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral9
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral10
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral11
Sample
com.skymobi.pay.plugin.smspay_v10016.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral12
Sample
com.skymobi.pay.plugin.smspay_v10016.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral13
Sample
com.skymobi.pay.plugin.smspay_v10016.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral14
Sample
skymobi_pay_wxplugin.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral15
Sample
skymobi_pay_wxplugin.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral16
Sample
skymobi_pay_wxplugin.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral17
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral18
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral19
Sample
lyhtgh.mn.ltplugin_v1023.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral20
Sample
unicom_resource.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral21
Sample
unicom_resource.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral22
Sample
unicom_resource.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
4b9890349ecbf121658f163fc3a5d2d5_JaffaCakes118
Score 8/10
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of SMS inbox messages.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
Plugin2.apk
-
Size
108KB
-
MD5
62a5d44b8fd012b1d59db62d63d09572
-
SHA1
75bc2cfe30b52be53ae9dad12509e33a0305dc61
-
SHA256
951f289c1ce2422da28a336896943053f1f6821c04546d14f728ef433e30d710
-
SHA512
a3f561a790eddeeda4116535091415e84d15855d6fe919cf288fa442e4baa1173bdd1bd3873daffb95c780b2dffe4ecbb67ab64ac8e2d7f64c86d01a2f7ddd19
-
SSDEEP
1536:SKZq8eokppVqIbH8EvT9WYXy42kq65O6ys9+k/+MxbYb8aCyB32Bz51kDf:SKgokD9TL9y42kP5O6yqv+MxbYnCpOf
Score 1/10
-
-
Target
com.skymobi.pay.plugin.main_v10010.pl
-
Size
56KB
-
MD5
f7ac8045aed15eb38ffad345cf33389e
-
SHA1
c07acd8c9b82d029669e4befa08830df804f0d3e
-
SHA256
e6c51d15ade2eaff2ce08fc9b7826c97cf4b47db05054b22b3a8e775f21cb8a0
-
SHA512
267a0036597282cd1dbaaf8204aa5eadf82543fb0af449b9ae0a4d9eb878e29514f2332725c8ef35b74fe5e7fd23c20924b9bf53c4cdb29fa7bde53d02753c83
-
SSDEEP
1536:/0dSymllAt4YjEIbDZT8OT7m3WNlSN2rpcSPqNF5oa:vK4YYInZT5Hm3wFldPqNFya
Score 1/10
-
-
Target
com.skymobi.pay.plugin.recordupload_v10009.pl
-
Size
38KB
-
MD5
55c24dc00f667f62ee0cc0dfca41fc28
-
SHA1
1811dd0ba5f5bdfeef743332b7ef1b8e4097a23c
-
SHA256
8199c84eb1412ac9f13edc3bff4cd66e788847143bd0c8497ce7f699a0d68e77
-
SHA512
b5a5269065f4bcf05c560315255c49dc7eafc015458eca425f6b44eec0ee74c3e1d481e06df70deca25056a8fd070efb5adcf364061a8e5c1e26fb8e102caf69
-
SSDEEP
768:Tf5Ui0Wh/Ndv7j7LF12NADhHl2ASeCYuD:+WNNdDJ0NahHMAS3D
Score 1/10
-
-
Target
com.skymobi.pay.plugin.smspay_v10016.pl
-
Size
206KB
-
MD5
83b792271086adb731914b20d8630311
-
SHA1
afff7087052dd941f15550948506aeb19889c54a
-
SHA256
0819622a958aedab8d825bf9341d9a8190e56d92d5b47fc9bf0841e90fd680c4
-
SHA512
6c9dd1e108aa5d3fe36060bcdbab08dcb74fcb771a891f37687a98dd5b0e09c08e580314bfb4219cba8047fa349986b934f563c084ca8623173ca8b6b306fd13
-
SSDEEP
6144:M5duUYxwXhgUVXbydoBiYVLbJRNy8NXEc1k2yFp:AlYx2hTXbGoBRbJRNycEc1k2yFp
Score 1/10
-
-
Target
skymobi_pay_wxplugin.apk
-
Size
33KB
-
MD5
73d8a99bf9de4eb876f1739627197190
-
SHA1
135f99fe90f129274c74f5c9b032294bfae3d05a
-
SHA256
6d6f22a6688689b35a723620794bc03e958a69e1770073bd921d3c6129733f26
-
SHA512
d5d9068f5fbf3c85bafb8edf084c40e4411814f02542cde120815951c6a2cfae78a0b08f930ef7143f10145ce0abcbd942c44f54afbb0d963ba47c653a162049
-
SSDEEP
768:iwFX6Lei59coj/94ML6plol/S54bLhWQeJ:iwF0t5jj1/LMcaivhWQC
Score 4/10
-
-
Target
lyhtgh.mn.ltplugin_v1023.pl
-
Size
145KB
-
MD5
278e8100ea1ee2c466d55451e87cef73
-
SHA1
8347d2b269f74841ca92cef51d450ed953d73aaa
-
SHA256
06d08532287fc6a934aba8d5a361eb83e4d7a1c8cde4f6663ab2746e4fc09a38
-
SHA512
3e7fcf245a07ce8e03a78f75835c30e0b0f270e68987f85b92aa97f7b0894d73702ebdd80372cddea310a52624db1ccf65125399b6bf218dbd717ad053dec088
-
SSDEEP
3072:oxUD4XoHRfdDehWRT3ZI2c9CvcLUswbaTqM2r1vjKIjCB94PXZ:h4oBda8TXc8v0UsjTQJjtCu
Score 1/10
-
-
Target
unicom_resource.dat
-
Size
41KB
-
MD5
1099cc55782e9dfbea4df0cc9c42e8af
-
SHA1
c398368af914bbc35187b15201ab9b10de3f0592
-
SHA256
7ae180774a4f784d4ebc21650295cea6269d0c4a1884a5af815930ee47553279
-
SHA512
e6dcdac4c51042db8a91f25cf9d1461c0b4284a5138086fb3264e7090840aa6ca144f18e7bc498d0ecd1d131804193d94bdf471e8ada15f7b30b2bb8359adef8
-
SSDEEP
768:R8gYCYCpONOKIfwiFWAkEsDVop56mAOvuGMC21q0dkHj:9PRpO4KsOOvuG3+dkD
Score 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime (1)
Execution Guardrails (1)
Geofencing (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)