caa7feca6ef1de4db1dc55e55010ee0a9edad8ca88f154c469f615d251369579

Sharing

Copy URL

Twitter E-mail

General

Target

65b265f1aaef39c451fa05b19bc37cdf_JaffaCakes118
Size

19.6MB
Sample

240522-czd1wahf6v
MD5

65b265f1aaef39c451fa05b19bc37cdf
SHA1

8f31b460ad999070b3dc83a6225689e02e575c42
SHA256

caa7feca6ef1de4db1dc55e55010ee0a9edad8ca88f154c469f615d251369579
SHA512

76cd9b683117ce5db4e444aa00d0cc077961a1edd0c08e1b9b307cb1773313ff4f50c0088579011c0397f424d25bf740054e0735e3135223a4d176f4cd7b71ee
SSDEEP

393216:065Z3489vfiUmiModLtojsqHo93Szr9UfBEIJagXjYFYqy/1XEoopfClx:065Z3j93mtuLV3SVUfMiY2Oo+fg

Score

8^/10

Malware Config

Targets

- Target
  
  65b265f1aaef39c451fa05b19bc37cdf_JaffaCakes118
- Size
  
  19.6MB
- MD5
  
  65b265f1aaef39c451fa05b19bc37cdf
- SHA1
  
  8f31b460ad999070b3dc83a6225689e02e575c42
- SHA256
  
  caa7feca6ef1de4db1dc55e55010ee0a9edad8ca88f154c469f615d251369579
- SHA512
  
  76cd9b683117ce5db4e444aa00d0cc077961a1edd0c08e1b9b307cb1773313ff4f50c0088579011c0397f424d25bf740054e0735e3135223a4d176f4cd7b71ee
- SSDEEP
  
  393216:065Z3489vfiUmiModLtojsqHo93Szr9UfBEIJagXjYFYqy/1XEoopfClx:065Z3j93mtuLV3SVUfMiY2Oo+fg
Score

8^/10

banker collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  core.jar
- Size
  
  393KB
- MD5
  
  4f4dd81dbc77518d59df6abd1be1ac29
- SHA1
  
  2655a6c6ea5e40ad646e2ee8f48fc48658d18f4a
- SHA256
  
  42fb5fa1d7fbbeba40120bc460fe4ed43097111023f9485f2ee73119970119b0
- SHA512
  
  01f8bfa37ba9e9602e0a7edefc14a1d01dc4465a24d606ee2876c8be58cda47d8161b5dc0689a0299ea6b8b0814b2b8e1b342c32b1d26cd1acbe49e561e61dae
- SSDEEP
  
  6144:bEUPnnS5Cf3Z6IXrArfaVMZTtBa/Q/jgpOlJSDo2FOg1Btv:bEUWCfbXraisTtBcQbgIlKOgxv
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  lib.jar
- Size
  
  140KB
- MD5
  
  36b3cfe3cac3453cc1d324327401c7b4
- SHA1
  
  4cbff3359a8a82a492d7d47862d96e9a54952116
- SHA256
  
  72404d6b19db7a072abcbf2ecb00bf64eaabf66f83080cfc217ca44274ad26f5
- SHA512
  
  984a3d9099d6157a49a55ab095cb52206221eb1f2b6c845b36faaa22d61722e0aa4df54d265e11d523c5d3ca73fadfa650c56f8f48695e07443f9c9224dc91d3
- SSDEEP
  
  3072:cpRP5V9popj2K2Tjxsqvo+BQYcz0TUkYUpMdiLp:qRPZqpjHGx5BBKz0TO3QLp
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  msg.apk
- Size
  
  68KB
- MD5
  
  2fa409436fb744095965b9cf14a2a4e9
- SHA1
  
  6fc610450606d324b312d8c50797cccc08c0d7c2
- SHA256
  
  0163a03adc59da6049e79d55bbd9db2a07b68c10c4b0e7e41bd2d00871048fc9
- SHA512
  
  5985d8c847fd94e3653c5fb1fd55e4495cf9c353ed4dd381b6511b9b9535b6dda4ece14feeffbde54e5de859a13c4f0bac36c6b87865bf3c7acddd37a3369884
- SSDEEP
  
  1536:o/6EwgY9dsXcOFFtz8NF6zoXXYV03qE29d0oyf:ifPYQXcOFIizoxaE3t
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  octopus_sdk.apk
- Size
  
  524KB
- MD5
  
  63fe346c58c6b78ad833f0fe442e3e67
- SHA1
  
  a35394d1d3c3221f8df269cd908a0f4d9eb2a25b
- SHA256
  
  0601b14265b455af9d16dc84ef8f6af9c3a0e85bf0f4e65f10858dbed9560549
- SHA512
  
  a473e8979d55072a06ae59cccf01995fe2ddbc82d3f779da4f4b1b6d4fc3b1d4818bed6dac791bac096f05ffd392225485b5bf1eaf98e63017da3750c18ca8a9
- SSDEEP
  
  12288:LbBboNc+345QRpUP2FmJiJyy/OG2wu7AhcY1C3NUzqb:nWNc+Za4my/OVwzXCZ
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  update.jar
- Size
  
  5KB
- MD5
  
  30fcb1580a140f09f40dd3ddfeb51f3b
- SHA1
  
  1c22b48540f753ede97a6df9f856cac2014ece36
- SHA256
  
  340525f16eda59a80250b0ba013dfa9ebdf6cb15a355d1f7bbb6f39bbb9cf1f1
- SHA512
  
  e75d13c1b1d28b5f094d4d3b36754846ae92c0b73d0b6ed9965db9fc851cce00dde298a2275425f0a3501dab179d440f1750e457e4aba26c9761e251242fc42a
- SSDEEP
  
  96:usKMNkIK/6EyVcaV580TdiQ69DPZgivReAivnva/hg6hM+PR7do3a:7KJIK/6Ey6ar8QF6HbvEAsva/hVM+P3d
Score

1^/10
behavioral14 behavioral15 behavioral16

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Queries account information for other applications stored on the device

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Checks if the internet connection is available

Reads information about phone network operator.

Requests cell location

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16