000aeb326ca1b92ba7d4c326b2e03a49d43a62f1feba90eccbdbaf2ad65a29bc

Sharing

Copy URL

Twitter E-mail

General

Target

08840e69718fbb05363b8ba777fd55e9_JaffaCakes118
Size

7.7MB
Sample

240429-3qv6xadh63
MD5

08840e69718fbb05363b8ba777fd55e9
SHA1

862347d640efb2b22c6c0a46fbebd16723f4fdad
SHA256

000aeb326ca1b92ba7d4c326b2e03a49d43a62f1feba90eccbdbaf2ad65a29bc
SHA512

49c2f4745bf830ce94fd037a40b125ba24665cbac85ec8879e2cf8138a47a196404af9f055efd7ecbf8bb46a9d0d3cc74f7f4adde79d0e22c950a7ac45e7c02a
SSDEEP

196608:COuWkaGxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQdporiuYlRP9momapUf:vuWMxxxxxxxxxxxxxxxxxxxxxxxxxxxj

Score

8^/10

Malware Config

Targets

- Target
  
  08840e69718fbb05363b8ba777fd55e9_JaffaCakes118
- Size
  
  7.7MB
- MD5
  
  08840e69718fbb05363b8ba777fd55e9
- SHA1
  
  862347d640efb2b22c6c0a46fbebd16723f4fdad
- SHA256
  
  000aeb326ca1b92ba7d4c326b2e03a49d43a62f1feba90eccbdbaf2ad65a29bc
- SHA512
  
  49c2f4745bf830ce94fd037a40b125ba24665cbac85ec8879e2cf8138a47a196404af9f055efd7ecbf8bb46a9d0d3cc74f7f4adde79d0e22c950a7ac45e7c02a
- SSDEEP
  
  196608:COuWkaGxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQdporiuYlRP9momapUf:vuWMxxxxxxxxxxxxxxxxxxxxxxxxxxxj
Score

8^/10

banker collection discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Requests dangerous framework permissions
behavioral1 behavioral2
- Target
  
  __pasys_remote_banner.jar
- Size
  
  114KB
- MD5
  
  2ad9fb4b2d9b333883b7e38f61c2fd2f
- SHA1
  
  5b85041452d173ed0d81d25b9ca78608a998e328
- SHA256
  
  b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5
- SHA512
  
  6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90
- SSDEEP
  
  3072:9cU7bD2h2Z5ecVpoj8eVJBl52Dx9yW0jv2gspIn:m8n28Z5eAs8S73InyWmug9
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  __pasys_remote_feeds.jar
- Size
  
  58KB
- MD5
  
  a4e4e783b2d92946633831109713519d
- SHA1
  
  b2f8222cfb8d63637e6c70c1a34f570c4e7805a9
- SHA256
  
  052b564c158ca8d7b195a576904ad591b1ba3b6c7d23158f4da627952b24a15f
- SHA512
  
  9ebe83aa91a00c31fbc93dcc43234162d7780a7965198856ceed0e84ec4554d71cad931a13b38678285e5643a78fa45dd3afaf3f34e13b403e02b35e1e5f7279
- SSDEEP
  
  1536:krlBCoO5TwY5ZU9GDOfZCVLDa64KYbcubBqT:wb5Y50toNDfmzS
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  alipay_msp.apk
- Size
  
  748KB
- MD5
  
  d06ea38e4210a87d6b96f8b0491df677
- SHA1
  
  3ba573396398757088e559a9d372049a377eb05a
- SHA256
  
  76a24f83ad15586ff9a2081e420a707be9ddb0b5047e5b6de5974c41624ff2c1
- SHA512
  
  3d43e5bfad2b703a804a53048b6a88228a11fb80ac641d6594f774cc07f6c7367e0ee80b29966d02c9206542f467f55b0f1ddbbfef0ec372256314a7d1071f30
- SSDEEP
  
  12288:IjRAsoln+WMB1EgrGERh4xWgtSM7vXrRCn4I5p2Cnfv:IjRApZ+WM7yER61P7jw4IGSfv
Score

1^/10
behavioral10 behavioral9
- Target
  
  gdtadv2.jar
- Size
  
  88KB
- MD5
  
  0586f3074966b353fe050ec4055ca09c
- SHA1
  
  645839dc107ba400711b8f4d8e4495dc29ac8ee0
- SHA256
  
  e365ac88dc01033ccf02fe965d5e1eee9044c4ca1a3d9d96085be6a427a5274a
- SHA512
  
  e76d878ec99c64cff35a11a5837237206bb02b1cc2d35ff2c0f03c72519bc19813138f54a6aca6c775b33de532a011dee7949ecddb7b57e4264380d70b81e4a5
- SSDEEP
  
  1536:ZIyPme+AtVhpPhvh8Ba1e6Z5KgXJMfl24RnuFo398/FhluO4HyafAtQOz672r:9OefrzPhyh0KgXJ2l2nqt8/FhwfWQ1y
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  qhad_dynamic1113.jar
- Size
  
  107KB
- MD5
  
  3a06586ad5987b00b4a73759e61b126a
- SHA1
  
  36a769a65efb56582e39dbce9c506795e9594fe7
- SHA256
  
  2bfa01452d94c5cfecb0d2e9aa5488c59077d2f57736afa824a9a8c6bc75cbc9
- SHA512
  
  97cb126fbb49b63c220eb3088e4bfe04f16bcc3bac75d0c8e8ab6d0d1da94522b3962002ffd8fc73a46c4de4b54929d5129d892da67173aae24f57d23dfd1572
- SSDEEP
  
  3072:AeOnptLKufnZall64CrZbUXFn/Q+jJxLF:SKknxNV+9xLF
Score

1^/10
behavioral14 behavioral15 behavioral16