Overview

overview

10

Static

static

10

�...pi.dll

windows7-x64

3

�...pi.dll

windows10-2004-x64

3

�...pi.dll

windows7-x64

3

�...pi.dll

windows10-2004-x64

3

�...7).apk

android-9-x86

CallMaster...on.apk

android-9-x86

1

CallMaster...on.apk

android-10-x64

1

CallMaster...on.apk

android-11-x64

1

GingerBrea...rBreak

debian-12-armhf

�...OT.bat

windows7-x64

3

�...OT.bat

windows10-2004-x64

3

�...er.apk

android-9-x86

�...er.apk

android-10-x64

�...er.apk

android-11-x64

�...te.apk

android-9-x86

�...te.apk

android-10-x64

�...te.apk

android-11-x64

�...db.exe

windows7-x64

3

�...db.exe

windows10-2004-x64

3

�...usybox

debian-12-armhf

1

�...18.apk

android-9-x86

�...18.apk

android-10-x64

�...18.apk

android-11-x64

�..._1.apk

android-9-x86

�...ot.apk

android-9-x86

�...ot.apk

android-10-x64

�...ot.apk

android-11-x64

�...OOT/su

debian-12-armhf

�...99.apk

android-9-x86

qqwebdisk8.apk

android-9-x86

1

qqwebdisk8.apk

android-10-x64

1

qqwebdisk8.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

Errors

Reason
error processing APK: strconv.ParseInt: parsing "0x7fffffff": invalid syntax

General

  • Target

    JaffaCakes118_78ba988e4f67b294cd4bad239a9ac2a2

  • Size

    17.2MB

  • MD5

    78ba988e4f67b294cd4bad239a9ac2a2

  • SHA1

    9de70eb8ad7933e280f712fe1ac0af420603b8d8

  • SHA256

    1a808f82cf69a0fcf13e133151f5dd052ffe2353b1f1f77e9ce7c62edc4cbff9

  • SHA512

    0b5ab9f98b7bb0cfe675606ace89d18f71932e6d0cfe9c1e297678ca60fd04373b1f53b9cffe6cbbc01fc1bc4a70bdf97faad64db992c4b9e694351b03cae595

  • SSDEEP

    393216:/7VxC17f4zTk6L5iu09fnvXhm/UTsl+nV4/:xxC1D4zQfu09Xhm/UT8+V4/

Score
10/10
pegasus

Malware Config

Signatures

  • Pegasus family
    pegasus
  • Pegasus payload 1 IoCs
  • Requests dangerous framework permissions 16 IoCs
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_78ba988e4f67b294cd4bad239a9ac2a2
    .zip
  • S760һROOT/AdbWinApi.dll
    .dll windows:6 windows x86 arch:x86

    c64cac39044626770353879245ea25e4


    Headers

    Imports

    Exports

    Sections

  • S760һROOT/AdbWinUsbApi.dll
    .dll windows:6 windows x86 arch:x86

    fda9f9f5f569ddd0dbf3ad8a275a2eb8


    Headers

    Imports

    Exports

    Sections

  • S760һROOT/CallMaster_V4.1.2.26_Android_pf145_bi800_(Build12073017).apk
    .apk android arch:arm

    com.blovestorm

    .application.DialerActivity


  • CallMasterNotification.apk
    .apk android

    com.blovestorm.utils

    .UninstPluginDialogActivity


  • S760һROOT/GingerBreak
    .tar
  • GingerBreak2/743c.jpg
    .jpg
  • GingerBreak2/GingerBreak
    .elf linux arm
  • GingerBreak2/GingerBreak.c
  • GingerBreak2/README
  • GingerBreak2/gingerbreak.jpg
    .jpg
  • S760һROOT/ROOT.bat
  • S760һROOT/Superuser.apk
    .apk android

    com.noshufou.android.su

    HomeActivity


  • S760һROOT/SuperuserElite.apk
    .apk android

    com.noshufou.android.su.elite

    FeaturedAppsActivity


  • S760һROOT/adb.exe
    .exe windows:4 windows x86 arch:x86

    4f3742319a48385a4bf6c6624a9ad1e1


    Headers

    Imports

    Sections

  • S760һROOT/busybox
    .elf linux arm
  • S760һROOT/kBatteryDoctor_2.9_2000290_14824_20120914_125957_40000018_40000018.apk
    .apk android

    com.ijinshan.kbatterydoctor

    .SplashActivity


  • S760һROOT/oupeng-1_1785_1785111_15_1.apk
    .apk android arch:arm

    com.oupeng.mini.android

    com.opera.mini.android.Browser


  • S760һROOT/qixiazi_root.apk
    .apk android

    com.qixiazi.market

    .LoadingActivity


  • S760һROOT/su
    .elf linux arm
  • S760һROOT/system@[email protected]@classes.dex
    .dex
  • S760һROOT/system@[email protected]@classes.dex
    .dex
  • S760һROOT/tencentmobilemanager3.8.5_android_build0599.apk
    .apk android arch:arm
  • qqwebdisk8.tsp
    .apk android

    com.tencent.qqpimsecure.plugin


  • S760һROOT/zR
    .elf linux arm