Overview

overview

7

Static

static

6

f788fc5157...18.apk

android-9-x86

1

appmgr.apk

android-9-x86

appmgr.apk

android-10-x64

appmgr.apk

android-11-x64

authguide.apk

android-9-x86

1

authguide.apk

android-10-x64

1

authguide.apk

android-11-x64

1

business.apk

android-9-x86

7

business.apk

android-10-x64

7

business.apk

android-11-x64

7

floatwindow.apk

android-9-x86

7

floatwindow.apk

android-10-x64

7

floatwindow.apk

android-11-x64

7

global.apk

android-9-x86

1

global.apk

android-10-x64

1

global.apk

android-11-x64

1

oclt_v3.apk

android-9-x86

oclt_v3.apk

android-10-x64

oclt_v3.apk

android-11-x64

protocol.apk

android-9-x86

1

protocol.apk

android-10-x64

1

protocol.apk

android-11-x64

1

push.apk

android-9-x86

1

push.apk

android-10-x64

1

push.apk

android-11-x64

1

rooter.apk

android-9-x86

1

rooter.apk

android-10-x64

1

rooter.apk

android-11-x64

1

core.apk

android-9-x86

core.apk

android-10-x64

core.apk

android-11-x64

rt_c.apk

android-9-x86

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f788fc5157c761759d7ce64898ce9ab1_JaffaCakes118

  • Size

    6.4MB

  • Sample

    240418-jafazaga9s

  • MD5

    f788fc5157c761759d7ce64898ce9ab1

  • SHA1

    1e3e72714fb2801a7b4a61d83acb91c08820534d

  • SHA256

    a0d59ff2737854a7fe5e94e93a977e4905e1612b38232784d8b3957533a01d3c

  • SHA512

    9173191e56f7f9a045ce17a6ad05a71cbef2f1a3d1eea9daf8f0dc6b18758bc97e7fec307242bfd887295984c3b5bec91f13485cf472324bdd23cb9e0ebb37e7

  • SSDEEP

    98304:XUftzSFacZsmgolrkYd2+YY6kD1zz2iSUD0S6Jo7a43Mt72aKk7+AvztH9B8rbVd:ERcSmg6rrd7N9fDCt6aK6EUHqv

Score
7/10
androidcollectiondiscovery

Malware Config

Targets

    • Target

      f788fc5157c761759d7ce64898ce9ab1_JaffaCakes118

    • Size

      6.4MB

    • MD5

      f788fc5157c761759d7ce64898ce9ab1

    • SHA1

      1e3e72714fb2801a7b4a61d83acb91c08820534d

    • SHA256

      a0d59ff2737854a7fe5e94e93a977e4905e1612b38232784d8b3957533a01d3c

    • SHA512

      9173191e56f7f9a045ce17a6ad05a71cbef2f1a3d1eea9daf8f0dc6b18758bc97e7fec307242bfd887295984c3b5bec91f13485cf472324bdd23cb9e0ebb37e7

    • SSDEEP

      98304:XUftzSFacZsmgolrkYd2+YY6kD1zz2iSUD0S6Jo7a43Mt72aKk7+AvztH9B8rbVd:ERcSmg6rrd7N9fDCt6aK6EUHqv

    Score
    1/10
    behavioral1

    • Target

      appmgr.jar

    • Size

      5KB

    • MD5

      8011685d04f413da93ec1956ade9da35

    • SHA1

      044b03c708dfadaf4f27fcfcb9a3a1bd753ef54e

    • SHA256

      4cc4538417353a3ffc15d87a5db78f92ae5a777c54de4e2a6ed4b2e191513c4c

    • SHA512

      5ad34110afa14d5e332776c63016421f1faf900ca85e2c1b676c6ac7c85a7fcf2883d70fd3d0fc4bfb75216f3757626bd530fb5a06f05146c2d4125ebe18192d

    • SSDEEP

      96:pj/fUMdojcSWHsarTpn2QbitF7nH1/VEyiTCB2aKZ//TWNJe+8ETnS8lPJfs49:pXrojNirxit50y+VTWNs+1nS8Pfs49

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      authguide.jar

    • Size

      215KB

    • MD5

      23d20dadb3bbe40fb4ed35f31d4e3e0c

    • SHA1

      ca7ac6f5f852f3afaf99f55fc8d8b6cb8574b145

    • SHA256

      37071e14f87fd7e06cb4638ea1620251ca8b3b5857bc650517830da64dc851fc

    • SHA512

      0dbccabdfb57079b2213587f6d11a2bfba1ec25f6a5dce3d054a006d7a5959d628fc4858da75765e0657e226683773d0a0b4e3e2da25c12c22312dee3ae858c2

    • SSDEEP

      6144:YEJEGDmwvTZ64QCXWWdo73zfX40LqlborU2K:YY19l6mqcorM

    Score
    1/10
    behavioral5behavioral6behavioral7

    • Target

      business.jar

    • Size

      725KB

    • MD5

      33d9303b03466a73a349a2a398258a8e

    • SHA1

      2dd39ef6c64e23fee4b2dbbd8b3c8d33a6d0b7c4

    • SHA256

      4358c3931c05d5f777fe8fa67274606d33de3a5fb9415b7b873ec6d47b29d391

    • SHA512

      3236bb9619db07c69c54232553634421088695b571391b69c327db8bd3fa71673b179b812f39ff252badaf2fdb6ebe30babf8ba146313ec2d2cceab2a4a7af17

    • SSDEEP

      12288:WEmAR+kksCS6wQ65RpE1ltwuGse93re4f2o3jZYiTgC5BxPYU6LAkL9k/QMUe78m:W1q+kkshJ61ltKRg4f2+YhC3xwU6387F

    Score
    7/10
    collectiondiscovery

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery
    behavioral10behavioral8behavioral9

    • Target

      floatwindow.jar

    • Size

      403KB

    • MD5

      33d5634204e3b49130834b6627bedfb0

    • SHA1

      141a814af48d0dbfe2654d7a4f5e8bcfb35c1828

    • SHA256

      95ec56f9f1e21ef50cd4f96209513b49f091859b9158257968eea5d4d4a719e3

    • SHA512

      617d5f22363ca512128693d82736d95715d883888d78a3dc2a1a6f94f433ca57f8f0611b7bbae55fd416529d8522f14c03370bd8e6d6d4b0b8c197e20bfff470

    • SSDEEP

      12288:0xrIGIQ3Rm2zOto6fQwQtmVgshppmjziV54ocDJH3z:Mr1b31zOWX1kgGpEXib4nDJj

    Score
    7/10
    discovery

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery
    behavioral11behavioral12behavioral13

    • Target

      global.jar

    • Size

      118KB

    • MD5

      ab4c88ac2cbf843695be9a25e74e28f3

    • SHA1

      69d52181df3d62c9a81c2768f4fecd02b781a8de

    • SHA256

      1ceabda96aba4e169d2800f5930b617b7ebd16ec0af3c39a0c3233e46f6a29f0

    • SHA512

      fbd15ecce72e7b10f52a71afe1a99e8b5d0f7d2c1a64c8a9dc52e28c7460c15d4bb3ce8e59e3b6de9e4c6aaaaf4ca1b98010fa498936fe39331a78a3df0bbcb7

    • SSDEEP

      3072:Jf08mugwMGCmkf6SJq1G9RPRm9HbPsMU5DJjM:t08mHPGC8nGzRm9HbPsb5t4

    Score
    1/10
    behavioral14behavioral15behavioral16

    • Target

      oclt_v3.jar

    • Size

      11KB

    • MD5

      142b91671633abf37ab5b4fe4a4841aa

    • SHA1

      b1b09a16bd47967e4d1d4ea502edc13af56fa699

    • SHA256

      252beeebc653139e231e68386679310ef4ff2875996f01f8e8329104f36e6cb8

    • SHA512

      13eea7d400965181bde0a7c569890bf4c73a2557642d256044b889c0e6357eec12e8a77156a2e31b0697a76aaa120bd2ae0d916d0e759683fecd1c9b80172f7f

    • SSDEEP

      192:od/axZ+90airTK2+LvZcXmiIePLUk0x0PAhp31wEd1FQtbIy39rpNrqVQ2184:od/an+2awK2+bImilDUT0UlwgstttNp0

    Score
    1/10
    behavioral17behavioral18behavioral19

    • Target

      protocol.jar

    • Size

      295KB

    • MD5

      007a7716ac0aa860965b0f3915e86522

    • SHA1

      41d31c280ecba59945ef46548d4078ce83717b9d

    • SHA256

      b4e6303ab58436e77aa8e9af1427b2fea66464868d086fb21cb20eb8902906d1

    • SHA512

      25128bce464de18d085a5c290b08e06226b9cf10fa7bd93bc9a74c79b102db0cfea0b521e5fdce9b871ccd54188749b7e7b787bae30bb0981360854c0558d01e

    • SSDEEP

      6144:HY3P9ggHmcofs1R/DW3wztmc8l9bDRupyamKXk/4Ps0AoHzT:HY3Rzok1NW3ItO9bFuHY/U7T

    Score
    1/10
    behavioral20behavioral21behavioral22

    • Target

      push.jar

    • Size

      44KB

    • MD5

      0a1225fb7c684baf2135b6f104904c37

    • SHA1

      0a814adf5e5ffcf59710d453436c86983bf80e70

    • SHA256

      9ff9819e57110ae78e256a4e842962b7bcd376d4bf9462a5f20e6935d7a32d44

    • SHA512

      3c9e77e7849e37a0b4589b4490937d2081373274c95b0b7465aca3dd3925cfc906681b658dae3be1c9acde582e6b78ead11a791a688a19cf96ec93abf3e69ee0

    • SSDEEP

      768:fvh6yI/lyvaM9I8mGWM43SGhURYwXNih8xnPCLfuE9M8iKNSxnTD:nh69/cvagI82qGhUchUn6qKNS

    Score
    1/10
    behavioral23behavioral24behavioral25

    • Target

      rooter.jar

    • Size

      227KB

    • MD5

      281c57a3af5356f7a58b5672ddc5d25e

    • SHA1

      8e942994e00cd5bc82649f557acc021bf71cfe64

    • SHA256

      0691e2ecbfa3185e43ba06bf8e527f586461e2d2fe26b5432b6c618700dea1de

    • SHA512

      266f0fd21458308e4ec4cb277f057442efb23407a77f70635e85416601479f48f58471b9d6e9bf1739050c4594801e942ea159fa4ac6a573988ca1d58d908b37

    • SSDEEP

      6144:PZCHOPzEZ8+2lIcquL89gP6uQ79cZv8BN5+ghQU:RCH6+5cqC81379wv8FVQU

    Score
    1/10
    behavioral26behavioral27behavioral28

    • Target

      core.dex

    • Size

      104KB

    • MD5

      fc550a76eed82d4edff39098187be64f

    • SHA1

      16e7c44edbb99eeb5214490b25580b54e7e4bff0

    • SHA256

      d3bae6e8e87ccc6b40134255dc7d1ffb2c6b3c0c0e76ef6feefa7fe9cf521736

    • SHA512

      33a230cbdecae0e6077ed88ef5c5d5e393f6322224abdd29030ee751fcf0f1876066097d933267696c3b55d9c896e5d8391ada58758d29bf45af911a3f5929e3

    • SSDEEP

      1536:TjsO4ICHPBPPbytPBLJC280GCtgV8Ltt9Qn0ZONbZsIwhIkQQ5SpkylqgkbHXEGU:TpCPBH0BA7Z6+0ZOdCXQincqv4P

    Score
    1/10
    behavioral29behavioral30behavioral31

    • Target

      rt_c.jar

    • Size

      17KB

    • MD5

      b7d9d5b2d19c834b223f30526d182e08

    • SHA1

      f7adff980a7fdfa534b54706276852aa8fa415d9

    • SHA256

      cc2780a754ba9ee0bd340f2af15ca6e22d0281ee9763a7a908fd368b04ed65b4

    • SHA512

      96cb2d60791fd67b1451ea33888d89df1989909bb0177bfd6d87c02edb3d0558a6f73ce725c2482c1937493d48fca2466a5b66095869eae5feddeacdc6a0c59f

    • SSDEEP

      384:wsNaGQ5CLvWmSIRT9R0+sg0X/hgL51rnIdcDfkUuhyNvBejPRq73H/A:xNa/KLDRT9RRZ0Jg11DiAf7LNvBgo3fA

    Score
    1/10
    behavioral32

MITRE ATT&CK Mobile v15

Tasks

static1

Score
6/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

collectiondiscovery
Score
7/10

behavioral9

collectiondiscovery
Score
7/10

behavioral10

collectiondiscovery
Score
7/10

behavioral11

discovery
Score
7/10

behavioral12

discovery
Score
7/10

behavioral13

discovery
Score
7/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10