68f3237ada0921a0aaac53946c7ed4197fe89dec0002ebe516bfda4fd0bcb9cf | Triage

Sharing

General

Target

4144cc4bdcfbe3e101ddbea96cbab152_JaffaCakes118
Size

32.0MB
Sample

240514-m7vcyada3t
MD5

4144cc4bdcfbe3e101ddbea96cbab152
SHA1

c1de73fc1438df2b9b1a8f8ea57d25aada45c9c6
SHA256

68f3237ada0921a0aaac53946c7ed4197fe89dec0002ebe516bfda4fd0bcb9cf
SHA512

0595afad35d4411056b4510edbf93b59875c1c20782cce315a77789ea0e9ef31ffe8f5855a9cc51ad5de118cbf093aacd1912584da26c1cf373e0c8a0733cced
SSDEEP

786432:qViYBoqtyM89Su2sfvMwaTskn63Y5vST/rUYny7RMfwvkNBVCZzpGt4:ytyM89x2sfv7nz3Y5vYLvOvGt4

Score

7^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  4144cc4bdcfbe3e101ddbea96cbab152_JaffaCakes118
- Size
  
  32.0MB
- MD5
  
  4144cc4bdcfbe3e101ddbea96cbab152
- SHA1
  
  c1de73fc1438df2b9b1a8f8ea57d25aada45c9c6
- SHA256
  
  68f3237ada0921a0aaac53946c7ed4197fe89dec0002ebe516bfda4fd0bcb9cf
- SHA512
  
  0595afad35d4411056b4510edbf93b59875c1c20782cce315a77789ea0e9ef31ffe8f5855a9cc51ad5de118cbf093aacd1912584da26c1cf373e0c8a0733cced
- SSDEEP
  
  786432:qViYBoqtyM89Su2sfvMwaTskn63Y5vST/rUYny7RMfwvkNBVCZzpGt4:ytyM89x2sfv7nz3Y5vYLvOvGt4
Score

7^/10

discovery evasion persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1 behavioral2
- Target
  
  kyx_data
- Size
  
  1014KB
- MD5
  
  6ab5325a9e4212cc77a926c9ac0f225c
- SHA1
  
  d97deb37789c66ea5229b4db855e88b39a568073
- SHA256
  
  03a432c812343b77182ee47c2546a49e96a892195ab84dda10b66bb027ec823d
- SHA512
  
  5d650bd9b7fd8331592208aa74710fbec036e568f6b4ee38300af65a8b6a3314fc72812654f1c38501429dd030785dc04ce024da6bfca5c490db29c682ee470d
- SSDEEP
  
  24576:+Bax5bh2HMcRb475RrfmJztMz2/jf0CZkA4XR:gaLV2sK4FR6Jrj3kA4XR
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  __pasys_remote_offer_wall.jar
- Size
  
  50KB
- MD5
  
  e27762cf868af9d5be2ba39c51eaea97
- SHA1
  
  43323b802aedb9e149e55aaf42607361daaeb147
- SHA256
  
  dd283fbcc996e8500825d332de0ab056bdf68a0f06d0f58c143c538974e19a62
- SHA512
  
  b0a902794a6502cd2f065d941c4f23c153a1e60d8e67f90bf722a45215f18611e01ae503e2b51ee61910933ab4b528266653e931268d498dd9caaabb95e4a32e
- SSDEEP
  
  1536:gy/tvvR6zDeCVHvPzB0Q8wBNgrhaRZ9Sb:gy/hvR6nD1rB0Q5BNgdaRyb
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  gdtadv2.jar
- Size
  
  96KB
- MD5
  
  24babfe2a37fa22fcea5436dc286c682
- SHA1
  
  3c19663d190b1cc1743f8210ee7d99a7955fa614
- SHA256
  
  5011bc2225fd4c8d35be1d2c38794853ed91a508addc7c237635358264e3b4b9
- SHA512
  
  b8710a16e6a06adf379e7895077d41d97826d3b3944ca0485df10cf0f97dd9c1c0fedbf892def5a13f137e9a6a3eec716ee45a0215b0a0a0ff55fd879de8e443
- SSDEEP
  
  3072:E95Rwj2nLL2sKa5h/D1XRsVdzi3kYORyr:w5SqnH5hBWdEORyr
Score

1^/10
behavioral10 behavioral11 behavioral9

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Process Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasion

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11