General
-
Target
889424be67befc68a3fea419e5cb14a8_JaffaCakes118
-
Size
1.4MB
-
Sample
241103-ac1v1sslcr
-
MD5
889424be67befc68a3fea419e5cb14a8
-
SHA1
63b28e24950dd3e39703a88976e9a590ef14f8e0
-
SHA256
a4db55c315d5d9be45d18488db2573490c60dad0bc8a7d7d0a2c7f8207ac982b
-
SHA512
9174930f48cc98f116f8f356f28fe3725878c688da493f89cb1d11f8d5144d0fe1cbef4b10e36e7925c4f1956485c522a8fdaed963de95bb9d4a6d23e520eeb9
-
SSDEEP
24576:+KxAzNBRgZL0/CTqsrfnQ9L2H8sru4CbG7KgzBBdaKpHrG856M23ftfY:+WAZLQdbM9ma4CiGgFBpL2ftfY
Static task
static1
Behavioral task
behavioral1
Sample
889424be67befc68a3fea419e5cb14a8_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
com.skymobi.pay.plugin.main_v10014.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
com.skymobi.pay.plugin.main_v10014.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral4
Sample
com.skymobi.pay.plugin.main_v10014.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral5
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral6
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral7
Sample
com.skymobi.pay.plugin.recordupload_v10009.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
889424be67befc68a3fea419e5cb14a8_JaffaCakes118
-
Size
1.4MB
-
MD5
889424be67befc68a3fea419e5cb14a8
-
SHA1
63b28e24950dd3e39703a88976e9a590ef14f8e0
-
SHA256
a4db55c315d5d9be45d18488db2573490c60dad0bc8a7d7d0a2c7f8207ac982b
-
SHA512
9174930f48cc98f116f8f356f28fe3725878c688da493f89cb1d11f8d5144d0fe1cbef4b10e36e7925c4f1956485c522a8fdaed963de95bb9d4a6d23e520eeb9
-
SSDEEP
24576:+KxAzNBRgZL0/CTqsrfnQ9L2H8sru4CbG7KgzBBdaKpHrG856M23ftfY:+WAZLQdbM9ma4CiGgFBpL2ftfY
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Reads the content of SMS inbox messages.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
-
-
Target
com.skymobi.pay.plugin.main_v10014.pl
-
Size
58KB
-
MD5
b0a39aaa44ac82ec0fd321914f6aa668
-
SHA1
10a20428675480d68cbc64a5a4be12bde81aaca2
-
SHA256
e44f6d6dc173a53f4d7e4bbcbc92bf991ffea14af1612ee29b81f56c33b6d5ef
-
SHA512
fde8a61b36e3a27acd98ce24b594b71690456c40f76785dac0a4809f66570d4196b60e1e47616cf9855faac18822fe6d953b59534a39506daa15c7a285d70999
-
SSDEEP
1536:3a3tkLIW2T8X1S2TN6DH3twagFsydRWd69RJwC27nLt:qmkW1lSiNsaapSRWd61wd7Lt
Score1/10 -
-
-
Target
com.skymobi.pay.plugin.recordupload_v10009.pl
-
Size
38KB
-
MD5
55c24dc00f667f62ee0cc0dfca41fc28
-
SHA1
1811dd0ba5f5bdfeef743332b7ef1b8e4097a23c
-
SHA256
8199c84eb1412ac9f13edc3bff4cd66e788847143bd0c8497ce7f699a0d68e77
-
SHA512
b5a5269065f4bcf05c560315255c49dc7eafc015458eca425f6b44eec0ee74c3e1d481e06df70deca25056a8fd070efb5adcf364061a8e5c1e26fb8e102caf69
-
SSDEEP
768:Tf5Ui0Wh/Ndv7j7LF12NADhHl2ASeCYuD:+WNNdDJ0NahHMAS3D
Score1/10 -