General

  • Target

    3f1ec41f367eeb90817170308a87e0ee_JaffaCakes118

  • Size

    15.7MB

  • Sample

    240513-mxqxrsca35

  • MD5

    3f1ec41f367eeb90817170308a87e0ee

  • SHA1

    c12f35ff18120c4ed1920691200dc9ff99d347b3

  • SHA256

    189add5f6585a37574aa0c7f60462e9475e7f7f1d1d2673e13caa706eba0a535

  • SHA512

    1d019e11c72e4993d61aae0c9fc51c0c7e9a0b9b550c4b62a103f4c0bbb1948f6ae3ea7f212467f9caedad613fb265872c5842ab0ecb02f3234f5a4d8076bd9d

  • SSDEEP

    393216:b3Z5xWBvtJxoqobyM8EwXt7592L+aytgRTXnCqBcMBnHZj:bJ5xWVtJYyM8EAt992L8tgRDCqmMxp

Malware Config

Targets

    • Target

      3f1ec41f367eeb90817170308a87e0ee_JaffaCakes118

    • Size

      15.7MB

    • MD5

      3f1ec41f367eeb90817170308a87e0ee

    • SHA1

      c12f35ff18120c4ed1920691200dc9ff99d347b3

    • SHA256

      189add5f6585a37574aa0c7f60462e9475e7f7f1d1d2673e13caa706eba0a535

    • SHA512

      1d019e11c72e4993d61aae0c9fc51c0c7e9a0b9b550c4b62a103f4c0bbb1948f6ae3ea7f212467f9caedad613fb265872c5842ab0ecb02f3234f5a4d8076bd9d

    • SSDEEP

      393216:b3Z5xWBvtJxoqobyM8EwXt7592L+aytgRTXnCqBcMBnHZj:bJ5xWVtJYyM8EAt992L8tgRDCqmMxp

    Score
    1/10
    • Target

      1_210.jar

    • Size

      55KB

    • MD5

      a6e4dbb555be0396ed6e89b512b3ef77

    • SHA1

      35d6f6bd389d846fc1b2d1b3bd66d94d9700ba0d

    • SHA256

      34c6640d0f7173d536ec6f57abb2ae84013040be67348b1cf034bc798152bae2

    • SHA512

      9bff324ac0daa5593927611238716ee3ca042a75bbb9821fa09db87347c90188f0fdbc1989013b2be3bb9aee31abc75d15a3da6553d999755296a81d70423e08

    • SSDEEP

      768:qb/YzjUvu4B54WMhxbWqja+67slGZWFgZcQ1hnJeBHhUeH1xZ7R7l5nX6yiP/qAj:qbbGWUFosVFObhMMeZP5nXq3JPa0e0xh

    Score
    1/10
    • Target

      accounts.jar

    • Size

      215KB

    • MD5

      baccf4b12a7ca4c063156bd5de986730

    • SHA1

      0614b0271cd6b79e1219b9cb67a11a5728980ec3

    • SHA256

      5ef53d420bdd880872d4390ce6470396e8c71d0e17cad64e40e110b92ebe056d

    • SHA512

      77e8135d97d38d311af5ca56b9432ca04417899ba8682d79e9862bedec6229c6aa4bf931061141d28383fcc5f5b08e83b7a04333685bd42a146d39419a0f3fd7

    • SSDEEP

      6144:niTr8QwudRy85wNsgen9AHnGmEDz3AA/j:n48QxdjmNsfSGV337

    Score
    7/10
    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Target

      antivirus.jar

    • Size

      378KB

    • MD5

      c214d3b291ee611a99931f11f63e5157

    • SHA1

      ac9c1879d2723e4765b0e4c63361d9259ab6637d

    • SHA256

      bf9473925dbc43cbb6b6bb60079dbd951bf4001ae74856e9f1f7ef128643b2c9

    • SHA512

      d30827b6c78254a8f70f33d5eb1d5c03d4a416252fda4dba805c80dbdb50c20276bc0a257aa5d12d6e99c26672ad697a7713554547d6af86e0fec588eb3fdd81

    • SSDEEP

      6144:1xbAPe+/60Fzysctthsnac6882BE6+eQpR6Mu9eTggXuVk16DWnypJ7Nf+uU:1xbAPx6m5cT61688qEhYMuQgcN16DWnR

    Score
    1/10
    • Target

      appmgr.jar

    • Size

      5KB

    • MD5

      8011685d04f413da93ec1956ade9da35

    • SHA1

      044b03c708dfadaf4f27fcfcb9a3a1bd753ef54e

    • SHA256

      4cc4538417353a3ffc15d87a5db78f92ae5a777c54de4e2a6ed4b2e191513c4c

    • SHA512

      5ad34110afa14d5e332776c63016421f1faf900ca85e2c1b676c6ac7c85a7fcf2883d70fd3d0fc4bfb75216f3757626bd530fb5a06f05146c2d4125ebe18192d

    • SSDEEP

      96:pj/fUMdojcSWHsarTpn2QbitF7nH1/VEyiTCB2aKZ//TWNJe+8ETnS8lPJfs49:pXrojNirxit50y+VTWNs+1nS8Pfs49

    Score
    1/10
    • Target

      iso2.jar

    • Size

      5KB

    • MD5

      0079f96521fc43d92546aa061c2b8290

    • SHA1

      fa8c0adb3fa7c26536270ebe814dbc5d89ce9a18

    • SHA256

      e015f476701f24bd43f60043023db95515953eca1cd3ecca7e063f1179402d36

    • SHA512

      a42bf811a80b785b08b9daea5f67eba0f432d9f03d50bb04264d7b42bbe22c3c175cf51b97b13fabbf1ad1752311ac06be774ee4010b4317ee128a10d859d31e

    • SSDEEP

      96:qts7P6LaAT1HUEe1Mszb0dlgUmvzUAK+vdiq7qpd6LlB8D9/v7B19eN0P5DNzoPK:nPfAT1HUEkMszb0dlgzvzysiqdoDV7B3

    Score
    1/10
    • Target

      apm.jar

    • Size

      88KB

    • MD5

      9adbed694373d97573d1ef436d365d14

    • SHA1

      49d46ed2a2db34f1189129cf9b5c4febb79d50d0

    • SHA256

      fdc220fa5ff1b9bd75a2f812f366d5d7c00154a41c71d05cfc5ed1f28e9e855d

    • SHA512

      82a946dccf65750ea2ed8a90c922410d287a2b015b61ba877783b0b0dcc6adddabf600c310dc4a03dc04a63af2433ce45274890a0535dfc7da81b09fd390d8fe

    • SSDEEP

      1536:PK1XWcyRBfiQF5dcr9fQACtEqfLdzDOdKONWxuk19Pp+ZULr3TY7h7Sb9dJCGJKN:MXWcyR1iQjdcr1j65BmUoWxuk9PoV748

    Score
    1/10
    • Target

      apull.jar

    • Size

      944KB

    • MD5

      92bce535aa3ee95adb565fc0190baa65

    • SHA1

      88468a5947373d8757e1af11660d2be390cbc64c

    • SHA256

      aa937149072f77ba272f292136949ede237c2d851a89cb2f0d37c0b71bf9cf04

    • SHA512

      920d45c11bd2edc7d900bcfb57cf375dc25586071ad75bbbda7548e2a64ec7b965318df19b33d4020abf782380bbf77f4d023425eb372ac1f50382d4e21f7ac9

    • SSDEEP

      24576:sDHpxR/k2kVtybKlrgd6gcr8O54Avsg/SZ:st/k22ty3d8AOSa/0

    • Checks CPU information

      Checks CPU information, which indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information, which indicates whether the system is an emulator.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Target

      authguide.jar

    • Size

      70KB

    • MD5

      5fe1c5a92db83ef74dcfede678b3c641

    • SHA1

      96766f657dd021270a8c714d40da60f69e6aeaae

    • SHA256

      4998df6912df38f0be38655628b8fe910f92977a7513fcc0d491cd153b8e4691

    • SHA512

      ac4895601083f72ed926f3af4a1fc0ceb23001a7451f0f7905a0040b585c20d8f0af1141e68aedea6c40c9bf7706cd236fa6cb78d69a623d38df83fddcb8c7dc

    • SSDEEP

      1536:DGmSlQHVSWIVJ321B8+lnHWvETFKhtLDdvtzIuuEkY:Jgfzr21xQvftLDJJIe7

    Score
    7/10
    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Target

      av_rt.jar

    • Size

      11KB

    • MD5

      a08d16ca200e664b96c15d576f665f4b

    • SHA1

      aeb28ab363f21e9dff757302c256a4c79acb4e18

    • SHA256

      b12dd7ff734e9bf3376f2f386b8933d5568f2c865d95882e905041d811e6fa88

    • SHA512

      51c8e7154fca45fc1e82f9e937ef02b7abfad0dc612752ac90b22219a98a10d7df31cd452408e25a401eeeb7c0a46c880b253a73cb8a28cb1fd4b2a7abdef5f2

    • SSDEEP

      192:uViIkX34YT5QNwVPZjRmA8P+Hu2ce73iPmUcudR8iSs6qsGqKckwehoSZnd2X86:uIpFPVxjRMPUu2cEcEGatkwehoqdl6

    Score
    1/10
    • Target

      blockui.jar

    • Size

      520KB

    • MD5

      438cabb175809a32a5a218f690363e00

    • SHA1

      f6c32c1c760bd8d0e94cbc893800da75a15cbe7f

    • SHA256

      51489912ecddc92735f97ae665db0cc1852f6d0d5c9837448235000159e87f24

    • SHA512

      fbb1218869b43a63a667e459eb070a2b4db6c7f981d42fdf0130850c2a8e3ba4697641adc36536abc8443a5459abc4a0a4351bad5b0e911bb979978a8c610677

    • SSDEEP

      12288:g8Czl+2ZvKGcP9xyFWVFkWKTy+KPUQBycoMvjfFmndXDB6lBsz:LCzl+sCbGoXzKmUP6NmdTB6M

    Score
    7/10
    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Target

      callshow.jar

    • Size

      442KB

    • MD5

      60192741c5e40cbaef327cf7869b14d3

    • SHA1

      89efd8127c950efee21a8d9a2ba10628ed09e61a

    • SHA256

      9db17016af771f8fab7c0c327371f2e24fd1db07ff2ed7b4ff51396252f1e0ba

    • SHA512

      6d120a3a0d8bdd3f4f63435925f93c9bc51b390c3102374f3e86aaef2b1fce402165ed761117903378115c1041f46465dd0d9be0c51f1bd851827bffc6719e9e

    • SSDEEP

      12288:0P/yFbFMGeWtiepsrMaopcmj2VdUWiq24ralKs:0PaA5Wtp4oqs2kL/fcs

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks

static1

Score
6/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

impact
Score
4/10

behavioral6

discovery, impact
Score
7/10

behavioral7

discovery, impact
Score
7/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

collection, discovery, evasion
Score
7/10

behavioral21

collection, discovery, evasion
Score
7/10

behavioral22

collection, discovery, evasion
Score
7/10

behavioral23

persistence
Score
7/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

persistence
Score
7/10

behavioral30

persistence
Score
7/10

behavioral31

Score
1/10

behavioral32

Score
1/10