Overview

overview

7

Static

static

6

4140f141ed...18.apk

android-9-x86

7

WeChatPlug...01.apk

android-9-x86

6

WeChatPlug...01.apk

android-10-x64

6

WeChatPlug...01.apk

android-11-x64

6

btgame_zipalign.apk

android-9-x86

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    4140f141ed1bac11d48984f062cb28f6_JaffaCakes118

  • Size

    6.7MB

  • Sample

    240514-m4felsch2t

  • MD5

    4140f141ed1bac11d48984f062cb28f6

  • SHA1

    0dd388fb1b5c364147e70ef760fee313f5f23a97

  • SHA256

    246452ddeeaeddc971391cec5b34ae675a4496a95cbd300cd2e204a382edff8e

  • SHA512

    4eb9a1732a58307f6f60019a51de9ee9008540cbfb86614391a543c2c8374ba60af72300ab9c78be464b058766084d549b354cc58546a78617d1335e21b06825

  • SSDEEP

    196608:zafsLRz7d/voJckdDGtXUjiGrFZ+CWa59Om2:z59/vwckd6tXApzWaiJ

Score
7/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      4140f141ed1bac11d48984f062cb28f6_JaffaCakes118

    • Size

      6.7MB

    • MD5

      4140f141ed1bac11d48984f062cb28f6

    • SHA1

      0dd388fb1b5c364147e70ef760fee313f5f23a97

    • SHA256

      246452ddeeaeddc971391cec5b34ae675a4496a95cbd300cd2e204a382edff8e

    • SHA512

      4eb9a1732a58307f6f60019a51de9ee9008540cbfb86614391a543c2c8374ba60af72300ab9c78be464b058766084d549b354cc58546a78617d1335e21b06825

    • SSDEEP

      196608:zafsLRz7d/voJckdDGtXUjiGrFZ+CWa59Om2:z59/vwckd6tXApzWaiJ

    Score
    7/10
    discoveryevasionimpactpersistence

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      WeChatPlugLogin_2017090601.apk

    • Size

      805KB

    • MD5

      01609988f28c1149e4fb24c20b95040e

    • SHA1

      4dd7e8b1aaabc6c1afcb2a8c0bbab04875484748

    • SHA256

      105e0beb8387ad33941c2db0647add65f21c17b84b797faacb847548b0915590

    • SHA512

      cfcb041c35d7026a249a463f11104c08d753f6f665acd03004199d45daf8dd0e4fd16adda33538f499371862b9fe5da597837d182083f620c5ec8fde24f3fc46

    • SSDEEP

      12288:E1AI960UQqdwDecgW/azTNtjwr9eER22taalMDYZ+nc4583Us+o:7INUQ9e8SzRtjuRJtaalMcZ+cUg+o

    Score
    6/10
    discovery

    • Checks if the internet connection is available

      discovery
    behavioral2behavioral3behavioral4

    • Target

      btgame_zipalign.apk

    • Size

      2.3MB

    • MD5

      44f13621abe203cb41fa430be79098bc

    • SHA1

      1b19bf294e67dff9f010137cc5c2690d352f50f0

    • SHA256

      a4c3472fcb32931f7435b0bdfca9141aae3fe655b2cb8864c82f4640bd397160

    • SHA512

      aef006fa3fc32a309796587b9fa5e521ac5e34ad26eb1c82a43c7cf47d729ef5587c91ad6fa1b7aabf3a537c2843726643b9dec32638f88653d4e2012214f24a

    • SSDEEP

      49152:6T8pGEsBFbTUx5fHzZlRPmABjZF9Gbmy6/m7BBRyPyvyCP1Kw:iWx5fTZllVBhG8A4av5NKw

    Score
    1/10
    behavioral5

MITRE ATT&CK Mobile v15

Tasks