Overview

overview

10

Static

static

10

�...pi.dll

windows7-x64

3

�...pi.dll

windows10-2004-x64

3

�...pi.dll

windows7-x64

3

�...pi.dll

windows10-2004-x64

3

�...7).apk

android-9-x86

CallMaster...on.apk

android-9-x86

1

CallMaster...on.apk

android-10-x64

1

CallMaster...on.apk

android-11-x64

1

GingerBrea...rBreak

debian-12-armhf

�...OT.bat

windows7-x64

3

�...OT.bat

windows10-2004-x64

3

�...er.apk

android-9-x86

�...er.apk

android-10-x64

�...er.apk

android-11-x64

�...te.apk

android-9-x86

�...te.apk

android-10-x64

�...te.apk

android-11-x64

�...db.exe

windows7-x64

3

�...db.exe

windows10-2004-x64

3

�...usybox

debian-12-armhf

1

�...18.apk

android-9-x86

�...18.apk

android-10-x64

�...18.apk

android-11-x64

�..._1.apk

android-9-x86

�...ot.apk

android-9-x86

�...ot.apk

android-10-x64

�...ot.apk

android-11-x64

�...OOT/su

debian-12-armhf

�...99.apk

android-9-x86

qqwebdisk8.apk

android-9-x86

1

qqwebdisk8.apk

android-10-x64

1

qqwebdisk8.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_78ba988e4f67b294cd4bad239a9ac2a2

  • Size

    17.2MB

  • Sample

    250316-d9b5pstqs8

  • MD5

    78ba988e4f67b294cd4bad239a9ac2a2

  • SHA1

    9de70eb8ad7933e280f712fe1ac0af420603b8d8

  • SHA256

    1a808f82cf69a0fcf13e133151f5dd052ffe2353b1f1f77e9ce7c62edc4cbff9

  • SHA512

    0b5ab9f98b7bb0cfe675606ace89d18f71932e6d0cfe9c1e297678ca60fd04373b1f53b9cffe6cbbc01fc1bc4a70bdf97faad64db992c4b9e694351b03cae595

  • SSDEEP

    393216:/7VxC17f4zTk6L5iu09fnvXhm/UTsl+nV4/:xxC1D4zQfu09Xhm/UT8+V4/

Score
10/10
pegasusandroiddiscovery

Malware Config

Targets

    • Target

      S760һROOT/AdbWinApi.dll

    • Size

      94KB

    • MD5

      47a6ee3f186b2c2f5057028906bac0c6

    • SHA1

      fde9c22a2cfcd5e566cec2e987d942b78a4eeae8

    • SHA256

      14a51482aa003db79a400f4b15c158397fe6d57ee6606b3d633fa431a7bfdf4b

    • SHA512

      6a2675de0c445c75f7d5664ebe8f0e2f69c3312c50156161e483927e40235140d5e28e340112ac552d6462366143890a8ce32dbf65bd37e27cb1ea290fe14584

    • SSDEEP

      1536:npCxybY0FS6MqS6WvgD9xj03TabrFvY5J6sCGt:npo0k6ZWVTaif6sCG

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      S760һROOT/AdbWinUsbApi.dll

    • Size

      59KB

    • MD5

      5f23f2f936bdfac90bb0a4970ad365cf

    • SHA1

      12e14244b1a5d04a261759547c3d930547f52fa3

    • SHA256

      041c6859bb4fc78d3a903dd901298cd1ecfb75b6be0646b74954cd722280a407

    • SHA512

      49a7769d5e6cb2fda9249039d90465f7a4e612805bba48b7036456a3bbd230e4d13da72e4ade5155ddc08fe460735ec8d6df3bb11b72ff28e1149221e2fc3048

    • SSDEEP

      768:HLNk0yiFYWkgALpW+QvSugX0wUepQNXTQXdF+Q+An70edrqqOkIW:+yY8wugEwOVEXdz70e4gI

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      S760һROOT/CallMaster_V4.1.2.26_Android_pf145_bi800_(Build12073017).apk

    • Size

      5.1MB

    • MD5

      2d92f4cf0b911f01429d25022e4fb351

    • SHA1

      1f62e59ded4b7ce875e7bc44bdc6e3f604c4009d

    • SHA256

      38a935b4e8d2fe286af48c6dd7bf20f1df2c503584f07f23b21037e484799a1c

    • SHA512

      e8fe7238af4985a80d73da1e20d67c421af987becdf0bee8ece63dd25cd61963b73bf41ec1d9173b27e94f1340ef76704a2dd7562ef6549183ab1dccde7071cc

    • SSDEEP

      98304:GADZ3lk9Ce7HIXT0/3AvyoncDstctO418arXqZjI4dCAIvFNx12My:GsZ1k0e/AvBcDstcZ1We4dy3OMy

    Score
    1/10
    behavioral5

    • Target

      CallMasterNotification.apk

    • Size

      40KB

    • MD5

      fe1b07d802266f62ab32e1d1b5aef259

    • SHA1

      f097059ce924114043db4f51b02d847bb14118e8

    • SHA256

      895a85d7d6d4f94a7594a4167851ef7c5213e925f6c9d42ecf3f4a7833b94fb5

    • SHA512

      43fd641c2a8af688aa2c3d2b6e0d944c2fbbba9e704f2988a88b61dee71cc717bb676dd41c4df82cb02765f0b59890b87bb58810501a0666658fbf7eca79b66a

    • SSDEEP

      768:i0TZruOrXFWLKxe7X+Fu9LgRv6Xf3tpD+X7aFkuzRVV35:OObgLKxe7wuit6X/yLaFR5

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      GingerBreak2/GingerBreak

    • Size

      16KB

    • MD5

      3bbbf2f7d6c13de5ab00d2d02b495824

    • SHA1

      00dc0c37553368c3448e91ef793f5f15843f4477

    • SHA256

      7581a02da41e5761c65ae27922e689e1e0a7b3a5a0ff1c188455dc2d8648485b

    • SHA512

      f146be18f24a979fac439946b586dc2955e37a4ce5a56adc373eb8e754f514121207205647652e55a105f54fcc402b89760029366bf324ac7df4620dbd46cff3

    • SSDEEP

      192:CnFh8d2BrbCnfbVAFmg7AYtL2o63xYvUauLGT+PpHNTs0mcx+TsDaRZZjZu:4wUrmRSLxzvURLGTiHNQtZtu

    Score
    1/10
    behavioral9

    • Target

      S760һROOT/ROOT.bat

    • Size

      3KB

    • MD5

      17170700fab7785cb816a0709eeb8baf

    • SHA1

      9ddf099293a0b30f39b7cd1181213116028fb0f0

    • SHA256

      f89bc00652977419c61eb57be4b4af9a2f8defabeb29d0e73c786b7105850466

    • SHA512

      41f45fb7e69bd557d0fdd979c4bf2927200f6bcc045d55e20210a77acbb549d7075036a342080cf5ec08676398b12560af0d5a5409a40deb4e8bb0a168a5d132

    Score
    3/10
    discovery
    behavioral10behavioral11

    • Target

      S760һROOT/Superuser.apk

    • Size

      391KB

    • MD5

      3889d5b6aa921faba83bd8d2fcb1c6f0

    • SHA1

      b1f04ffbab6294938b284b5628f6db39dc067f4c

    • SHA256

      aed569efbfb6255806bb5d3ec02bb72f28fb66369178584b719bfb04cba290cd

    • SHA512

      2a9f2e8ca67a1b597d15263df8dc58fc7c11f9b8169900fd8270427272b20699ec12cdae6c7edc69d218c906f43376859a872799bdbf21e6f392596138ab603c

    • SSDEEP

      12288:5/HGiXR0CiVoKCeqIHjUPaMq46WJbfLYqV3z2EHKl:15X/ilCvVqglHE

    Score
    1/10
    behavioral12behavioral13behavioral14

    • Target

      S760һROOT/SuperuserElite.apk

    • Size

      136KB

    • MD5

      cdfa61fd3f6a33f824f51d10e63b3add

    • SHA1

      aea1f23da059c4194649a01ce9c4a1050f0b4e8e

    • SHA256

      081840fb47f3f85787d241c5c37cf98032dfe161f5a412303c3dc3e847dd3fd6

    • SHA512

      3245f782afc8eb1a15ebf797f6770626933d3bf1471b50276cd67fbde911a77a833d912258a98f8074303d6813f5a7a81dbbe8972e2925901e3bfa28c9a56506

    • SSDEEP

      3072:/xBTm/vMidEaofh5SZGyjZwQU50yosbbQqZb8DtPTKFkMfYm5:5WEjfh5+GAz+bUkb8D5gkMfJ5

    Score
    1/10
    behavioral15behavioral16behavioral17

    • Target

      S760һROOT/adb.exe

    • Size

      2.4MB

    • MD5

      410572a25853f5e67c082c7e2f7eccec

    • SHA1

      fa3092ef4925df2b9b8985338a086add7b63d5c9

    • SHA256

      92d232e42f666b299911167fd0006f7fb9b5920070db13738e17f9fbde308263

    • SHA512

      3fb06652a589edc69053f3773e4dc03be943c853d258218ea9a90b1848cdbeef7d7b286128e7e6ad315f5051eed9a05c2bb9b7efb07a0c8d29bd74eebbffa981

    • SSDEEP

      49152:AZef6Tft2OWqdvnuuKkQzLJJZe60Von6UDPosVHRDjqL0oQvMu:AZguI

    Score
    3/10
    discovery
    behavioral18behavioral19

    • Target

      S760һROOT/busybox

    • Size

      1.9MB

    • MD5

      d7fa0d0b8b0603ea26fea540a5ca4358

    • SHA1

      b98ae54dd3cfa432f2f89717a7decd519818f7ac

    • SHA256

      560f726fb1dc3c9fe4e14da6722b52e9a683cd427614dc43aa16ccd22c71fe70

    • SHA512

      57443f90608d30a667820f634a87e9b6a11abbcf113ed0daf5d7e1e90ef7f2303039806b2fcf237e04f48f5ce1a2caf4e54e36fe1dd6f0889fbbcabc58ca4270

    • SSDEEP

      49152:4gWLWYOsdkOeajx06BwJh0T+ji/BKsJk7kn:yLWYOsEOjiX0T5/Bkk

    Score
    1/10
    behavioral20

    • Target

      S760һROOT/kBatteryDoctor_2.9_2000290_14824_20120914_125957_40000018_40000018.apk

    • Size

      3.3MB

    • MD5

      9fc194a858aff88d2561189713870f56

    • SHA1

      61ca381b1d1d7263b6cb5fadca00b2f37678a976

    • SHA256

      d0f4c45eb21af24de102472e8706a87a30bafe6ae56f65d2e3873a1e8fe9dca8

    • SHA512

      7e934f289e8d25037ac21131e78bf4ac40ae9de4ee5dbc044fa9c70fdc957cac46881a1475f56b8da99a67529c0cc795b69ebd1606bc0d3a4058663fee159313

    • SSDEEP

      49152:5fBXNoN9VRVPf01f+xsyEMA6l06L4PhCPfRysQ7zGjbuCVEZ:zNonVnf01VyrA6lZ450fst7WwZ

    Score
    1/10
    behavioral21behavioral22behavioral23

    • Target

      S760һROOT/oupeng-1_1785_1785111_15_1.apk

    • Size

      1.3MB

    • MD5

      bbe38cfcef0a376b6a0cc0f42e4992e7

    • SHA1

      f28205d4f9bb6e885ec29e3967544fe2e22c589c

    • SHA256

      a7fa7a23fe83ae41b57bd81e64d239b1b29f1e784dc884bb8bebfd7b58dbfb8b

    • SHA512

      cab2de518f1b585d555c1461be4e7f51b63a4d714a9bce44e21ad82ed7a381d6d29ff72693bfb48e032c0cd0a8a05e2089a20a040b1b3d13465dd37e6f9609eb

    • SSDEEP

      24576:28RnifyOJQWfikgIQh4pLF8anYSuwwB6EeOF8XCy2qsbkbxHivQyO25RAnrQO:pG3JvfiPIlFF8anTu/BheOSTPsvvtIsO

    Score
    1/10
    behavioral24

    • Target

      S760һROOT/qixiazi_root.apk

    • Size

      338KB

    • MD5

      7ce9b74efca58846a637fae220d98bb7

    • SHA1

      ade1fa02c079bc0dd2d3b3ebd6b9b224e9364f31

    • SHA256

      5973d13f677af8ccc98f611a9118dae47f4f04f81128bc1e7c35e0031ae6c704

    • SHA512

      b387aaac098305f19450b49ea0b4ce1785ab8a14bf8c54d480c7b34d634cdf2eedbd55f7c1b76614b28f4aa1f932c463026af0bea58acc63a117415711c1e1ed

    • SSDEEP

      6144:8wTb9AGeXYhkiW1PIkgqFwQz3AfkxgLpoWvQ91s7xYXuWbjczMsL2A8TVNOOY:pTbmGtbW1PI/qF3HxgLi2Qk7x6b29L2K

    Score
    1/10
    behavioral25behavioral26behavioral27

    • Target

      S760һROOT/su

    • Size

      21KB

    • MD5

      9c52381a2551efecef4b7a0ece0c6a95

    • SHA1

      bf07509a5600961ccccaaea0dbb3ff88fc0dcfcd

    • SHA256

      4f688199212a2492ff94307fcfe16063aa7ef04d446c659e6e0b4bfb6cbcaf42

    • SHA512

      7dfd71346550ccfa5727c179f68d71c383b52faa89b141c4a7b4aa758fe148b091f22f7c316d5992f1efab3dc01ef1fb02dfa8bea5f3c6c0f1a0d990de4a5c1d

    • SSDEEP

      192:YoIHPrGsZNzPVp5SB9t5M4uc4hNY9NfwKkfqp7+Oqq8vxu6S:Y9zLzPVp+9t5M4ucSKpYq7jqr/S

    Score
    1/10
    behavioral28

    • Target

      S760һROOT/tencentmobilemanager3.8.5_android_build0599.apk

    • Size

      6.0MB

    • MD5

      1843355ddaf4b862458fa13a8bc4a176

    • SHA1

      82b94db3987b6186ce26097c0e4194f49bb0ef35

    • SHA256

      8dee250e1ee08071109fb420c3297230161c9bdfd825c30d343fd28c96f76e1b

    • SHA512

      0c782d86d6f802dec23a39ce6d2ef79fb08bacbd16cb2fe454d9ce7454ff381be10f1df994097c225239ceffb7a4b23e14cb1f82383df31913d5c1d56d627f05

    • SSDEEP

      98304:n5cdV1A3Vqz+7xLEqpQSk5rjRwqpzZYVEMfj9G9tuNpDA1fkhx/V7mxg5:5cdVWFqz2IqySk3NpzZt0Q9tuWfkmg5

    Score
    1/10
    behavioral29

    • Target

      qqwebdisk8.tsp

    • Size

      205KB

    • MD5

      c6045fc1bea9fb91970cc397f8f4f9d7

    • SHA1

      eeda3a95675f6745b945fd565086649ed45be4ab

    • SHA256

      5cd29c226a0bb7a2a3e2ce9a5d1b77840d517af55d9240cc24f3b1b43ae6b7df

    • SHA512

      2d10c429d8295019264be059b698b4b318c1c89fd68e4dddfaaa7f300ff0f41336ad2bb42a77b748ee8f80c83620c55564b1d839ab55ce798ee782cf09140540

    • SSDEEP

      3072:gaqbyj28JkuM+r9Kjb7v9eAi2tUO8gUIvmhqTSHkjKCGMu1ivJ1GII6:CV4iS927Pi2tUO8s+qTSHiG1FIr

    Score
    1/10
    behavioral30behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

pegasus
Score
10/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10