General

  • Target

    JaffaCakes118_7185ff85ec43f1a42fe89725720975fb

  • Size

    5.0MB

  • Sample

    250103-2a7dkawphz

  • MD5

    7185ff85ec43f1a42fe89725720975fb

  • SHA1

    3f916ea5c07abb2308bb4e2f5391ac979998b4be

  • SHA256

    de032609bda6ab2da5ccf34923eccf0024f2342795a220f5e7ce8c14ebc87e34

  • SHA512

    fd184eedb6778943924b09f1f3e44fe8fd04ec15d9170144a0ae58066afbc8a075f0ff91c13e1bed1eb31aea407b20afa27cc1e543c0301b520f0cec88db34d1

  • SSDEEP

    98304:9cOAB+dOZB9G1MDBBmWqMQhNgWavgu33hiUlnpxF1BonsAOAZBoeSNUSqf8SbZfz:ypB+dOZB9BDBBmWXcQ933hiq3TonsAO0

Malware Config

Extracted

  • Family

    smsfactory

  • C2

    http://smartlink.mobilelinks.xyz

Targets

    • Target

      JaffaCakes118_7185ff85ec43f1a42fe89725720975fb

    • SMSFactory

      SMSFactory is an Android SMS trojan malware first seen in Jun 2022.

    • Smsfactory family

    • Checks if the Android device is rooted.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
