9d737d3128f8bda63cda6ed3ba8a919e5b757e833d6393555e578c69635cd7d5

General

Target

055545cc752ef7e262e51cbb38c7a920_JaffaCakes118
Size

14.5MB
Sample

240428-q5p7zsha75
MD5

055545cc752ef7e262e51cbb38c7a920
SHA1

8fff0692f8a93038b45bc6cd19f97431e775b0f6
SHA256

9d737d3128f8bda63cda6ed3ba8a919e5b757e833d6393555e578c69635cd7d5
SHA512

76d96a02467e41795103903af5b86ac10a3e584a233163c7439205ca42424f20bf61f5a307ec8810af01c1c372521b352c7bd9598444d1e90aa3b8baaafb1a10
SSDEEP

393216:/3MUdz7ng+j2qXnvggiinxgBSVxNOQ7W7fWCI:/3DNmgi8gWxgQbp

Score

8^/10

Malware Config

Targets

- Target
  
  055545cc752ef7e262e51cbb38c7a920_JaffaCakes118
- Size
  
  14.5MB
- MD5
  
  055545cc752ef7e262e51cbb38c7a920
- SHA1
  
  8fff0692f8a93038b45bc6cd19f97431e775b0f6
- SHA256
  
  9d737d3128f8bda63cda6ed3ba8a919e5b757e833d6393555e578c69635cd7d5
- SHA512
  
  76d96a02467e41795103903af5b86ac10a3e584a233163c7439205ca42424f20bf61f5a307ec8810af01c1c372521b352c7bd9598444d1e90aa3b8baaafb1a10
- SSDEEP
  
  393216:/3MUdz7ng+j2qXnvggiinxgBSVxNOQ7W7fWCI:/3DNmgi8gWxgQbp
Score

8^/10

banker discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Requests dangerous framework permissions
behavioral1 behavioral2
- Target
  
  alipay_msp.apk
- Size
  
  748KB
- MD5
  
  d06ea38e4210a87d6b96f8b0491df677
- SHA1
  
  3ba573396398757088e559a9d372049a377eb05a
- SHA256
  
  76a24f83ad15586ff9a2081e420a707be9ddb0b5047e5b6de5974c41624ff2c1
- SHA512
  
  3d43e5bfad2b703a804a53048b6a88228a11fb80ac641d6594f774cc07f6c7367e0ee80b29966d02c9206542f467f55b0f1ddbbfef0ec372256314a7d1071f30
- SSDEEP
  
  12288:IjRAsoln+WMB1EgrGERh4xWgtSM7vXrRCn4I5p2Cnfv:IjRApZ+WM7yER61P7jw4IGSfv
Score

1^/10
behavioral3 behavioral4
- Target
  
  epayx.jar
- Size
  
  175KB
- MD5
  
  e70d3c3ff87401690af6a24542304a6c
- SHA1
  
  4ed2a412969626fb6f7cba98338c29160f9b99c2
- SHA256
  
  6a752a41d365e98a27cdad043a69d688b320df708227deb182b276ef14e87351
- SHA512
  
  15b102a0397becccaf1780df053290e4569b4fe3c28cf722922df7dca3cb72b8ebf89ab33cea62354038eaf3d1dbad39f3696ced47ceeb0365b84a5716b57548
- SSDEEP
  
  3072:Zaau3uCBHk77yuepqPs7R35NON2UUuE2oFFN9aDDMVEnYdY+HUbfGer:Za7dHl0MR35NOUUqRFFN0v8EnYdYmU7B
Score

1^/10
behavioral5 behavioral6 behavioral7