General
Target: 8a695c617a449ab5293674c924819abd_JaffaCakes118
Size: 3.6MB
Sample: 241103-jv38jayhlg
MD5: 8a695c617a449ab5293674c924819abd
SHA1: c441f142e815176ac66214ac1b80e1a62c0439a0
SHA256: 5a4b6c49b516a7462368a46c143c005833401c459e1a73ae77baff5bf4f5756b
SHA512: b86256b4130d1ddaf5f86e873860e6d0e829e450d632b13289b811bc631afd03ff9cae74539688dda336c4966c1014050fb569ec4846b1cc71f590a097cfa2be
SSDEEP: 98304:Vic+Lf4M4dk+ujmm4FZDQUfWyEGDKjdLcC/Zeyn+juilV71i:VrM8USkUfWyEGedoC/Z3JEV7o

Static task: static1

Behavioral task | Sample | Resource
behavioral1 | 8a695c617a449ab5293674c924819abd_JaffaCakes118.apk | android-x86-arm-20240624-en
behavioral2 | com.skymobi.pay.appui_v1001.apk | android-x86-arm-20240624-en
behavioral3 | com.skymobi.pay.appui_v1001.apk | android-x64-20240624-en
behavioral4 | com.skymobi.pay.appui_v1001.apk | android-x64-arm64-20240624-en
behavioral5 | com.skymobi.pay.plugin.main_v10009.apk | android-x86-arm-20240624-en
behavioral6 | com.skymobi.pay.plugin.main_v10009.apk | android-x64-20240624-en
behavioral7 | com.skymobi.pay.plugin.main_v10009.apk | android-x64-arm64-20240910-en
behavioral8 | com.skymobi.pay.plugin.recordupload_v10009.apk | android-x86-arm-20240624-en
behavioral9 | com.skymobi.pay.plugin.recordupload_v10009.apk | android-x64-20240910-en
behavioral10 | com.skymobi.pay.plugin.recordupload_v10009.apk | android-x64-arm64-20240910-en
behavioral11 | com.skymobi.pay.plugin.smspay_v10012.apk | android-x86-arm-20240910-en
behavioral12 | com.skymobi.pay.plugin.smspay_v10012.apk | android-x64-20240624-en
behavioral13 | com.skymobi.pay.plugin.smspay_v10012.apk | android-x64-arm64-20240910-en
behavioral14 | skymobi_pay_wxplugin.apk | android-x86-arm-20240910-en
behavioral15 | skymobi_pay_wxplugin.apk | android-x64-20240624-en
behavioral16 | skymobi_pay_wxplugin.apk | android-x64-arm64-20240910-en

Malware Config
Targets

Target: 8a695c617a449ab5293674c924819abd_JaffaCakes118
Size: 3.6MB
MD5: 8a695c617a449ab5293674c924819abd
SHA1: c441f142e815176ac66214ac1b80e1a62c0439a0
SHA256: 5a4b6c49b516a7462368a46c143c005833401c459e1a73ae77baff5bf4f5756b
SHA512: b86256b4130d1ddaf5f86e873860e6d0e829e450d632b13289b811bc631afd03ff9cae74539688dda336c4966c1014050fb569ec4846b1cc71f590a097cfa2be
SSDEEP: 98304:Vic+Lf4M4dk+ujmm4FZDQUfWyEGDKjdLcC/Zeyn+juilV71i:VrM8USkUfWyEGedoC/Z3JEV7o
Score: 8/10
Checks if the Android device is rooted.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Queries information about active data network
Queries information about the current Wi-Fi connection. Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Reads information about phone network operator.

Target: com.skymobi.pay.appui_v1001.pl
Size: 208KB
MD5: af898ccdbb0f46cf19fc4a0060e53b7a
SHA1: d770e4bcfde18c7dbe5b77457e02ff70fcee7c5e
SHA256: 34d3c1108dd7051771427db3fc8e365fe94fbd1b660249717fe6213b42cc5cb6
SHA512: 6ff6c9ffe982cfc0853c7ac06c2647b1aef8e8d1a8ed2aa60147e1481515a864b8f993ae67268f36728b23d5a56ec68286a0f14dbbd182d3c8c15d0ad5165992
SSDEEP: 3072:9Ub7Yhju7Lg0WlSsI4639APt/8605ciZcz+GVbYW9+0cet5Qvs/olLz:907kKLaS54s6E60yimCQsFeovsgFz
Score: 1/10

Target: com.skymobi.pay.plugin.main_v10009.pl
Size: 48KB
MD5: 57bb224208b106b9eed801d25443ca57
SHA1: 68bddaaf2eb1a107f37ee0008525a487831fa294
SHA256: 64f6da6bdd97550fae04deb389deeb1337aa7ed4b2056f001c16785d40062389
SHA512: 3bfeb4e3688faba0d3371d2d1adebb0697fbce370351d83c96e3ec41a694fcf3f6f542d9bec48113c55b13dcf69db9854b87669408a8d093058d2dea8f49c34d
SSDEEP: 1536:ZEihnIZwgpN4URxqLEHr9lKfZn/x3vyCftt9Qhq:ZNpIZdbE4nKfZxfy4P9Kq
Score: 1/10

Target: com.skymobi.pay.plugin.recordupload_v10009.pl
Size: 38KB
MD5: 55c24dc00f667f62ee0cc0dfca41fc28
SHA1: 1811dd0ba5f5bdfeef743332b7ef1b8e4097a23c
SHA256: 8199c84eb1412ac9f13edc3bff4cd66e788847143bd0c8497ce7f699a0d68e77
SHA512: b5a5269065f4bcf05c560315255c49dc7eafc015458eca425f6b44eec0ee74c3e1d481e06df70deca25056a8fd070efb5adcf364061a8e5c1e26fb8e102caf69
SSDEEP: 768:Tf5Ui0Wh/Ndv7j7LF12NADhHl2ASeCYuD:+WNNdDJ0NahHMAS3D
Score: 1/10

Target: com.skymobi.pay.plugin.smspay_v10012.pl
Size: 210KB
MD5: a3ce8ac1b9d6cd351654f89893055cab
SHA1: 8c6ebef08f4cdcda25b4d32b9970ee7582a4120e
SHA256: 729752800e70f02cb962e578c09df790ce4359966c869a8237808a2c20b89ad8
SHA512: bc88559d08dc0112514c45d1725352472b8a429e7130b70232c27420417c258f9e5cbb9f322a831e0033d2ed44d32f1c9b7d02e573586c59b77e5af8cc1e74b0
SSDEEP: 6144:z5d64lM5ZG7PMtw0zM6FWvOPh99+eBscngdrfWyEGv:F84lPkfuOPD9JGcSrfWyEGv
Score: 1/10

Target: skymobi_pay_wxplugin.apk
Size: 33KB
MD5: 73d8a99bf9de4eb876f1739627197190
SHA1: 135f99fe90f129274c74f5c9b032294bfae3d05a
SHA256: 6d6f22a6688689b35a723620794bc03e958a69e1770073bd921d3c6129733f26
SHA512: d5d9068f5fbf3c85bafb8edf084c40e4411814f02542cde120815951c6a2cfae78a0b08f930ef7143f10145ce0abcbd942c44f54afbb0d963ba47c653a162049
SSDEEP: 768:iwFX6Lei59coj/94ML6plol/S54bLhWQeJ:iwF0t5jj1/LMcaivhWQC
Score: 4/10

MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime (1)
Execution Guardrails (1)
Geofencing (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)