Overview

overview

7

Static

static

7

2d0145493f...5f.zip

windows7-x64

1

2d0145493f...5f.zip

windows10-2004-x64

1

2d0145493f...5f.apk

android-9-x86

1

.jgapp

windows7-x64

3

.jgapp

windows10-2004-x64

3

GoogleSans...ar.ttf

windows7-x64

3

GoogleSans...ar.ttf

windows10-2004-x64

7

config.json

windows7-x64

3

config.json

windows10-2004-x64

3

easyagent.apk

android-9-x86

1

easyagent.apk

android-10-x64

1

easyagent.apk

android-11-x64

1

ectemplate

windows7-x64

1

ectemplate

windows10-2004-x64

1

ecurl.dat

windows7-x64

3

ecurl.dat

windows10-2004-x64

3

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

libjiagu.so

debian-9-armhf

1

supplierconfig.json

windows7-x64

3

supplierconfig.json

windows10-2004-x64

3

vers.dat

windows7-x64

3

vers.dat

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d0145493ff634b9a1430bdd0c7e6a6abe6f853609086c07d2bcfbec4d0abe5f.zip

  • Size

    19.0MB

  • Sample

    230724-jhrnzabd58

  • MD5

    b7aaeac8a6f5b604708fc03e1f08a95c

  • SHA1

    5fef9f8b240f20482c7f2c27b1b0572ede1033c3

  • SHA256

    a618741c9fac2dcf1fe823eb335b696eac70866614a5e75b8f8e7a878f0f0746

  • SHA512

    f10383f1a4b92b9cd43229c5974d2a78fda0525b4f8863f13964de535bbfca83b0ca9d84c0d6ff5a7a5c27380fe843ea98b7b92c0bcb0dadfddf135d56aeebb1

  • SSDEEP

    393216:8rTEjXNU027snZhrhcEQa2/It73sQczcVhgiHtfIYTM:8cdnjrZQ7gt73xcz0h1tfIYQ

Score
7/10
android

Malware Config

Targets

    • Target

      2d0145493ff634b9a1430bdd0c7e6a6abe6f853609086c07d2bcfbec4d0abe5f.zip

    • Size

      19.0MB

    • MD5

      b7aaeac8a6f5b604708fc03e1f08a95c

    • SHA1

      5fef9f8b240f20482c7f2c27b1b0572ede1033c3

    • SHA256

      a618741c9fac2dcf1fe823eb335b696eac70866614a5e75b8f8e7a878f0f0746

    • SHA512

      f10383f1a4b92b9cd43229c5974d2a78fda0525b4f8863f13964de535bbfca83b0ca9d84c0d6ff5a7a5c27380fe843ea98b7b92c0bcb0dadfddf135d56aeebb1

    • SSDEEP

      393216:8rTEjXNU027snZhrhcEQa2/It73sQczcVhgiHtfIYTM:8cdnjrZQ7gt73xcz0h1tfIYQ

    Score
    1/10
    behavioral1behavioral2

    • Target

      2d0145493ff634b9a1430bdd0c7e6a6abe6f853609086c07d2bcfbec4d0abe5f.apk

    • Size

      19.2MB

    • MD5

      8b3b9ae2522e18918b48df302ebdb05f

    • SHA1

      dc30830f78fe7fe1a9070540c39a2e322362748c

    • SHA256

      2d0145493ff634b9a1430bdd0c7e6a6abe6f853609086c07d2bcfbec4d0abe5f

    • SHA512

      447a15696e2d01f4bfa74e0ca96181b029593b959f764e5dfced84c05a41b629880edfbd3945251a22f5f45f57dcbf087253064644557064a00ff1eab8cc9910

    • SSDEEP

      393216:lu+PB6iwp1t3l/P1jWpTfLRfwzXdf2HzLRv9SdH0Wa0g4Og7gqX:Qifwp15tP1apbLR6QHqtCo

    Score
    1/10
    behavioral3

    • Target

      .jgapp

    • Size

      16B

    • MD5

      402b01b54381b28ee11d64d53d90f442

    • SHA1

      7be2d783d266e5097fd65a6d1ab01d140e82e885

    • SHA256

      61200b799ed0bd3977d9cd382f58a1e60fd583cefc1007c36950aabaf168f403

    • SHA512

      ce0b8ff048cd2ff6bdafe6bd6928f896b088ad7e2ded857ec871d89e9fd035bd1577c7bcb49c3e16577d7a1b0b39a1e500541b5e33662244b7d6b84662c130e0

    Score
    3/10
    behavioral4behavioral5

    • Target

      GoogleSans-Regular.ttf

    • Size

      117KB

    • MD5

      b5c77a6aed75cdad9489effd0d5ea411

    • SHA1

      4974453e73089c1d8bcf2a6b5eeff51302da45ec

    • SHA256

      974ee8402aed7391f8ed35155db12950697bcbbe3ad01abfb81718b65cb1960d

    • SHA512

      31f53e9a2803bb42ca6dbc69cae9dbf9de53a91db9cb32bac6c6ab9d0350639a21a22b8c193badba4be8747f2a76c14c12333f6114c5150d1ca53f36b7f7b4b3

    • SSDEEP

      1536:NVSyKxWDcIViZH+XcRF7U4QR8lY/f6GeG4AmDFXQPt:WyKMYH2IUVagl

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral6behavioral7

    • Target

      config.json

    • Size

      764B

    • MD5

      cb695f656db409f0296206e269d94a11

    • SHA1

      a3abb12a7cf8ce7cd7a3904c9ce7e24bb1b6638f

    • SHA256

      af455711345a8a2dd7cb46999e68d4fe3a6bf44e2a835246f1d83ee5e030a20d

    • SHA512

      edff1ea2284b6259bb8966e156fcd86afe617f7a85fd573ae28764aa4c162f188bcda180fdcb148296fb625d92b19975c1ccebc6f03872b70e3376dbfa1895a3

    Score
    3/10
    behavioral8behavioral9

    • Target

      easyagent

    • Size

      3.8MB

    • MD5

      17413bfa02d8ee611101d8bbf9e0f463

    • SHA1

      6568cafc672f15387ff85f91f9dc3d919c65b06b

    • SHA256

      5924b69d8372967ff9a3cec40dd7a7055ac054b72dde210e3a6a1c92f10a0563

    • SHA512

      fc6ed3b647422c84e51c565696d796db4c56eec61125e5e6c22fd22733888e305d52888fc452cb133b2a118f7abd4ddc5979a5429f069a51bdadc0ca26382f50

    • SSDEEP

      98304:R/L6IP4eb0Q5tOzNSkCNQcmRh/OLcBV8EwIkgXT557EjAI3S:96o4Q5jONCNCh/RqqTc5C

    Score
    1/10
    behavioral10behavioral11behavioral12

    • Target

      ectemplate

    • Size

      1B

    • MD5

      c81e728d9d4c2f636f067f89cc14862c

    • SHA1

      da4b9237bacccdf19c0760cab7aec4a8359010b0

    • SHA256

      d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

    • SHA512

      40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114

    Score
    1/10
    behavioral13behavioral14

    • Target

      ecurl.dat

    • Size

      8B

    • MD5

      8f376290b7ac9402f71824226ce2ecdf

    • SHA1

      2c789b4b75c0b32f71ccbf7c745228c13be6d582

    • SHA256

      71770d96b8d5206d0a68f53ee73ab88fc7eed6b0d25e8160eac422b86af79171

    • SHA512

      657c162fdc2f074ed7c352c8e2c973b5e1a69fe7a3ca529b880ab729de0cb05012fc23a43390591f05d6cbda450499a14b01e6b7f77c7d088cdad04eea29049d

    Score
    3/10
    behavioral15behavioral16

    • Target

      index.html

    • Size

      141B

    • MD5

      b7ec405ef64a072fa32b4295cb3f3329

    • SHA1

      a8ba8d3831637e15dadbcc37bfa0bc0e18d9b8a0

    • SHA256

      e06992d13f8ac5480a4a880b55c587bc529cdab24532b632a1e037c6a95de48e

    • SHA512

      1ca6a08c43e152c7a22a030d042461f9d77f19badfa23781d97c907bf4fc4de541002d81760141ac5e14191721834c199e07a83f3663b6648be2048bef51d926

    Score
    1/10
    behavioral17behavioral18

    • Target

      libjiagu.so

    • Size

      666KB

    • MD5

      2384032e42fc9fd9d0ffcf91f5e7c3f9

    • SHA1

      2d63db8984fff86033b02ddaaf13a008f2f1e965

    • SHA256

      50e3ad43c10cd6f374e2006b427226e6cb7c3492126b58a649bff4fd32474c3a

    • SHA512

      60c63d7a84983c626c0f936da8f64f2de30e5b1e681cc3fcb6924d1082e3c15f828ad52fca983379a9c27399055c0916ef01a2f5990c93405f183de2b268bc61

    • SSDEEP

      12288:IN+5cgNCS6/y8ZFch95+ocvsot/2cKU1gdyUkfnnyu1EtaWM93wl:W+K8FHrSsot/padyFvycEsPw

    Score
    1/10
    behavioral19

    • Target

      supplierconfig.json

    • Size

      219B

    • MD5

      2b049796098e1effafb46f28de927d6f

    • SHA1

      d619d0be25335ac9b090900ee8ca15f49d2db44c

    • SHA256

      7fc7c238158b61bd7920fb5870d9549808bade2d62b5ab1c263ae743861fab05

    • SHA512

      962d54b9e5ff338086220f09d0db65dc25541207e0d4aad567bfe680564e75d1159df9b3df9f439049f9aa15402e38437ea7e8d8732901a5f605494674eca8b9

    Score
    3/10
    behavioral20behavioral21

    • Target

      vers.dat

    • Size

      246B

    • MD5

      a12497d32659c852eea31603db01082e

    • SHA1

      c7bc85651e0497a2154318349c51386367c12d63

    • SHA256

      4883da202126d46595be7e2e7aabd2a40b25021621222f28065c5056de095244

    • SHA512

      75106434f07774374ef897382d388204f39dd6daef1b68a228364b144e2571963eadac7f8de87397d46a9f6ad048a0a72b273af2a3bdf3da06add72ad7db43f8

    Score
    3/10
    behavioral22behavioral23

MITRE ATT&CK Enterprise v15

Tasks