General

  • Target

    8a695c617a449ab5293674c924819abd_JaffaCakes118

  • Size

    3.6MB

  • Sample

    241103-jv38jayhlg

  • MD5

    8a695c617a449ab5293674c924819abd

  • SHA1

    c441f142e815176ac66214ac1b80e1a62c0439a0

  • SHA256

    5a4b6c49b516a7462368a46c143c005833401c459e1a73ae77baff5bf4f5756b

  • SHA512

    b86256b4130d1ddaf5f86e873860e6d0e829e450d632b13289b811bc631afd03ff9cae74539688dda336c4966c1014050fb569ec4846b1cc71f590a097cfa2be

  • SSDEEP

    98304:Vic+Lf4M4dk+ujmm4FZDQUfWyEGDKjdLcC/Zeyn+juilV71i:VrM8USkUfWyEGedoC/Z3JEV7o

Targets

    • Target

      8a695c617a449ab5293674c924819abd_JaffaCakes118

    • Size

      3.6MB

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Target

      com.skymobi.pay.appui_v1001.pl

    • Size

      208KB

    • MD5

      af898ccdbb0f46cf19fc4a0060e53b7a

    • SHA1

      d770e4bcfde18c7dbe5b77457e02ff70fcee7c5e

    • SHA256

      34d3c1108dd7051771427db3fc8e365fe94fbd1b660249717fe6213b42cc5cb6

    • SHA512

      6ff6c9ffe982cfc0853c7ac06c2647b1aef8e8d1a8ed2aa60147e1481515a864b8f993ae67268f36728b23d5a56ec68286a0f14dbbd182d3c8c15d0ad5165992

    • SSDEEP

      3072:9Ub7Yhju7Lg0WlSsI4639APt/8605ciZcz+GVbYW9+0cet5Qvs/olLz:907kKLaS54s6E60yimCQsFeovsgFz

    Score
    1/10
    • Target

      com.skymobi.pay.plugin.main_v10009.pl

    • Size

      48KB

    • MD5

      57bb224208b106b9eed801d25443ca57

    • SHA1

      68bddaaf2eb1a107f37ee0008525a487831fa294

    • SHA256

      64f6da6bdd97550fae04deb389deeb1337aa7ed4b2056f001c16785d40062389

    • SHA512

      3bfeb4e3688faba0d3371d2d1adebb0697fbce370351d83c96e3ec41a694fcf3f6f542d9bec48113c55b13dcf69db9854b87669408a8d093058d2dea8f49c34d

    • SSDEEP

      1536:ZEihnIZwgpN4URxqLEHr9lKfZn/x3vyCftt9Qhq:ZNpIZdbE4nKfZxfy4P9Kq

    Score
    1/10
    • Target

      com.skymobi.pay.plugin.recordupload_v10009.pl

    • Size

      38KB

    • MD5

      55c24dc00f667f62ee0cc0dfca41fc28

    • SHA1

      1811dd0ba5f5bdfeef743332b7ef1b8e4097a23c

    • SHA256

      8199c84eb1412ac9f13edc3bff4cd66e788847143bd0c8497ce7f699a0d68e77

    • SHA512

      b5a5269065f4bcf05c560315255c49dc7eafc015458eca425f6b44eec0ee74c3e1d481e06df70deca25056a8fd070efb5adcf364061a8e5c1e26fb8e102caf69

    • SSDEEP

      768:Tf5Ui0Wh/Ndv7j7LF12NADhHl2ASeCYuD:+WNNdDJ0NahHMAS3D

    Score
    1/10
    • Target

      com.skymobi.pay.plugin.smspay_v10012.pl

    • Size

      210KB

    • MD5

      a3ce8ac1b9d6cd351654f89893055cab

    • SHA1

      8c6ebef08f4cdcda25b4d32b9970ee7582a4120e

    • SHA256

      729752800e70f02cb962e578c09df790ce4359966c869a8237808a2c20b89ad8

    • SHA512

      bc88559d08dc0112514c45d1725352472b8a429e7130b70232c27420417c258f9e5cbb9f322a831e0033d2ed44d32f1c9b7d02e573586c59b77e5af8cc1e74b0

    • SSDEEP

      6144:z5d64lM5ZG7PMtw0zM6FWvOPh99+eBscngdrfWyEGv:F84lPkfuOPD9JGcSrfWyEGv

    Score
    1/10
    • Target

      skymobi_pay_wxplugin.apk

    • Size

      33KB

    • MD5

      73d8a99bf9de4eb876f1739627197190

    • SHA1

      135f99fe90f129274c74f5c9b032294bfae3d05a

    • SHA256

      6d6f22a6688689b35a723620794bc03e958a69e1770073bd921d3c6129733f26

    • SHA512

      d5d9068f5fbf3c85bafb8edf084c40e4411814f02542cde120815951c6a2cfae78a0b08f930ef7143f10145ce0abcbd942c44f54afbb0d963ba47c653a162049

    • SSDEEP

      768:iwFX6Lei59coj/94ML6plol/S54bLhWQeJ:iwF0t5jj1/LMcaivhWQC

    Score
    4/10
