01c7eb8a1fff8735cd8969806454e136ab9a2981ff1e64eacd649438e4d48e0b

Sharing

Copy URL

Twitter E-mail

General

Target

28c517b49836845917ec6d75057d4492_JaffaCakes118
Size

19.6MB
Sample

240509-hhqagaeg5v
MD5

28c517b49836845917ec6d75057d4492
SHA1

7676f34866ee0d1a2ea576cbf475ad0d8882ba58
SHA256

01c7eb8a1fff8735cd8969806454e136ab9a2981ff1e64eacd649438e4d48e0b
SHA512

bde57b95b5e046d3fe9406895f6d5187ea4bd8a05a3793cce9f6341bdcd1c1a296517d8d14f6ac557e62e6848596b55cda62af6efbf9a28161806f5070c7c21c
SSDEEP

393216:sMbF56syC7fMXBwkoVGOA3NxSoEZKHnrg1JBN7vfXzGTPDryacXQ2Fvcn4:skQwfWBroUNdxS4AHsyrD04

Score

8^/10

Malware Config

Targets

- Target
  
  28c517b49836845917ec6d75057d4492_JaffaCakes118
- Size
  
  19.6MB
- MD5
  
  28c517b49836845917ec6d75057d4492
- SHA1
  
  7676f34866ee0d1a2ea576cbf475ad0d8882ba58
- SHA256
  
  01c7eb8a1fff8735cd8969806454e136ab9a2981ff1e64eacd649438e4d48e0b
- SHA512
  
  bde57b95b5e046d3fe9406895f6d5187ea4bd8a05a3793cce9f6341bdcd1c1a296517d8d14f6ac557e62e6848596b55cda62af6efbf9a28161806f5070c7c21c
- SSDEEP
  
  393216:sMbF56syC7fMXBwkoVGOA3NxSoEZKHnrg1JBN7vfXzGTPDryacXQ2Fvcn4:skQwfWBroUNdxS4AHsyrD04
Score

8^/10

banker discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1
- Target
  
  1
- Size
  
  70KB
- MD5
  
  4f198eb855b4409968888cc350a4d65f
- SHA1
  
  5bccbd8f60564cbf7930576119b790cc311a13e0
- SHA256
  
  d4f5a27326ca3b146a84122d04f01365459fb0cd63c34576f9957dce0df130f3
- SHA512
  
  5bf1db583b205fa84fa8c6637c80eed639f2a1acc3a0a73711c5f51444b064116bfbde23df15110d8cef78cb7792d744a6bbd6526adda65f842155c30785b371
- SSDEEP
  
  1536:RGRXcuvMJZGHZdbLn6b8YVt3wLHJZ2hb7WajW+VN021cp:RG+Kb45ELQNjW+Y2+p
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  5
- Size
  
  3KB
- MD5
  
  0f007704fec9b983054009f7d9dd593a
- SHA1
  
  3ab6b7d14f326d4aa6279eb41465a98b1603abfe
- SHA256
  
  696a941f6a45156144e4baacef4a8b8ae187a70c92137d9f6077995334ba45a4
- SHA512
  
  c5725dcf0c21112b20a0b89274bdf077d78b97986d57ac546e5c9b48ba4ea9b68e74bc4dddf873d368a32397bbccb3f9a83707c6f8fa7856315ed9ca27715437
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  9
- Size
  
  5KB
- MD5
  
  78fda54d578e58f8eb258237c776f472
- SHA1
  
  b906eba1749b99a5119aaacabcb7fc0ffd16bf3f
- SHA256
  
  7f7e8e10a3d14416c033231ab70c649bff6b4ec4af9a8f34cb177b64182998d8
- SHA512
  
  d36331fb108e464fd18d4f35f79d0fc30ee0ab8575e4acc2bcbe332686cf1b1641499c09b2c0f8f0d28d663e7ed2d1dd8f16f7ab23a53a38ebdb9c58ee6259c3
- SSDEEP
  
  96:5bDCMQRT5laOok9x9F/82BTgzcI3Hxq8TqVQ3p0c5dR/cTg+83eat2MkOLOEfS/s:JDCzR7NP7N5OYSxqKZJ9/cTg+ZOLG6RB
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  __xadsdk__remote__final__.jar
- Size
  
  83KB
- MD5
  
  607e65052147713115dd87f0866d504c
- SHA1
  
  5ff2a1c2ebedeb61236c56edfde6406828a05c6c
- SHA256
  
  fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741
- SHA512
  
  2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1
- SSDEEP
  
  1536:eKSS1UbomStT19s4G0/GZzgrF2nPOgfbexVK8RV+0XUv5VzUxwh3MPeUivu5iy:DSYsStT1ZT/ugrFsmgsHWzUxq3MPeUi8
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  gdtadv2.jar
- Size
  
  126KB
- MD5
  
  1a1e5b53df85a5387f2dbbe3dfe29cd8
- SHA1
  
  5ef07ed49352921198162d7f900218dd0fafa03b
- SHA256
  
  1464e74ed757715bfbfaf984ed2fb2299f109fc29969ccbc046c77d9370dc907
- SHA512
  
  2101f57fde4ad6f13f3472b03bceb3ff7e2078894efc6330e680cb98df820068a70d6db6225d0185084b404e7f5509560f5b81f021c03da1750da0e08396e9bf
- SSDEEP
  
  3072:STF0mPpZPXVMvY9dWxRCuFdRfTcYPdN1dr7u7C4WsTmNQTfBrG:SxPTPmvY9oxdrfAY+uZRei
Score

1^/10
behavioral14 behavioral15 behavioral16

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

MITRE ATT&CK Mobile v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16