0b1d018777319dae8d1359bb8af34870776cb72a6ca08c234c0362d5cd371c98

General

Target

02e5a00673b2f80652a591cf1fa118fc_JaffaCakes118
Size

22.6MB
Sample

240427-k2zpcsga3x
MD5

02e5a00673b2f80652a591cf1fa118fc
SHA1

65b93a5eab97e63e754fcd102b739f0ba8a7daef
SHA256

0b1d018777319dae8d1359bb8af34870776cb72a6ca08c234c0362d5cd371c98
SHA512

861d4f1e9b99b4c5203c15c84aa44a569077b701f807c83865b688948f4025fdb28701fd46ca92cafd650b53f671056817e3736a7de7b6f653a56c0ed601c695
SSDEEP

393216:lWFeMheCnxNtWJtQow9DEy6eZhvkUMhMkSlIdMFToTRTIElRjMotR6UKtzPlxf:lWYMhe/tQV9DE9efcF6z0lpO5tz9xf

Score

8^/10

Malware Config

Targets

- Target
  
  02e5a00673b2f80652a591cf1fa118fc_JaffaCakes118
- Size
  
  22.6MB
- MD5
  
  02e5a00673b2f80652a591cf1fa118fc
- SHA1
  
  65b93a5eab97e63e754fcd102b739f0ba8a7daef
- SHA256
  
  0b1d018777319dae8d1359bb8af34870776cb72a6ca08c234c0362d5cd371c98
- SHA512
  
  861d4f1e9b99b4c5203c15c84aa44a569077b701f807c83865b688948f4025fdb28701fd46ca92cafd650b53f671056817e3736a7de7b6f653a56c0ed601c695
- SSDEEP
  
  393216:lWFeMheCnxNtWJtQow9DEy6eZhvkUMhMkSlIdMFToTRTIElRjMotR6UKtzPlxf:lWYMhe/tQV9DE9efcF6z0lpO5tz9xf
Score

8^/10

banker discovery evasion persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  koudaigouwu_1273x.apk
- Size
  
  3.4MB
- MD5
  
  5254e52933e690ae4d0907e5ada1a8e8
- SHA1
  
  e60bd695cfadf9bc6b74f04951ed68b5b42928ae
- SHA256
  
  031b93890845d908e2a7276886ea473e3f8e45ef4898fe36687bd2bd4970a041
- SHA512
  
  a68c22425939fd572861d286a371edf013610b604e907af0fa779a1fe8df4f7eee53fc1dee47ff0781838d06304edad4a9633b67c24582f5c156e35d4cd89ade
- SSDEEP
  
  98304:9dLmqhE98ctL8bXHCazdduIyTRkiOmnzmkM4TDR8m3X:9dLmL98cEz2XkiOemkM4TWC
Score

8^/10

banker discovery impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2