1b14907b70f5c159ce7927d674ed80700e38befbc9177196b4a065a3aa641a5c

General

Target

67ee22e185c0f2296ce5205d33f8419c_JaffaCakes118
Size

10.4MB
Sample

240522-vaqmgshe9x
MD5

67ee22e185c0f2296ce5205d33f8419c
SHA1

e46597cbf74310d57fb3e4f030765b8c5d768211
SHA256

1b14907b70f5c159ce7927d674ed80700e38befbc9177196b4a065a3aa641a5c
SHA512

f0b15f5b748de58b4ddf219d8ac42f128493e4934f7dcfced7fcea9b7826077f8b0046f5aebc4a95f16879d0f94b1b2387d7ea6504bf96068f0141533d200517
SSDEEP

196608:+VA9uBg1fAjdsDa1iHE9tKftrzfrTfEVmIQD/+ilOx6jow78AzupE3LcSCeKk/9:XuuajdkcGftHrTfEEnD/+6OVAJglNG9

Score

8^/10

Malware Config

Targets

- Target
  
  67ee22e185c0f2296ce5205d33f8419c_JaffaCakes118
- Size
  
  10.4MB
- MD5
  
  67ee22e185c0f2296ce5205d33f8419c
- SHA1
  
  e46597cbf74310d57fb3e4f030765b8c5d768211
- SHA256
  
  1b14907b70f5c159ce7927d674ed80700e38befbc9177196b4a065a3aa641a5c
- SHA512
  
  f0b15f5b748de58b4ddf219d8ac42f128493e4934f7dcfced7fcea9b7826077f8b0046f5aebc4a95f16879d0f94b1b2387d7ea6504bf96068f0141533d200517
- SSDEEP
  
  196608:+VA9uBg1fAjdsDa1iHE9tKftrzfrTfEVmIQD/+ilOx6jow78AzupE3LcSCeKk/9:XuuajdkcGftHrTfEEnD/+6OVAJglNG9
Score

8^/10

banker collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  bp.db
- Size
  
  474KB
- MD5
  
  630e205b88b107578d97ab862cbc1d54
- SHA1
  
  6e2ddfcc443e3970883419b4a941d126e9704796
- SHA256
  
  007ab42a427a8a0c441229102b4dcadb47a38f53dff93072feea16f0efd8bd40
- SHA512
  
  fa03c32f28cc6531be979dcd8ce8f76dee842cfcf3ed5adbcfc0a9185e1b638731985a43f4c791d8876642625eb37d9dff7ddabb488e7b174e5470be929d6413
- SSDEEP
  
  12288:nNUG07ApFrt3w4Z1cSPmL+fHEZXc/EXjFfR2PKMW4yEQwYtyqyN:NUtALr4SPmLkkKyuPKcpYt7yN
Score

7^/10

evasion impact
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral3 behavioral4
- Target
  
  gdtadv2.jar
- Size
  
  385KB
- MD5
  
  824cb780ec81bb7366121b103e9820c0
- SHA1
  
  149a0a58257fc4d67722c0a218d4a9119cd9304f
- SHA256
  
  6d37ca4a40fcbcde1d8aaa1bba643e349614b8600166c50b03e397083725ce90
- SHA512
  
  658b65bd1b7c044ce4d497378dbdde5915b9e1e57d4911d00df4d694326c15410be7bae556c6ebd335e8f68b619a333856b20213f624874cd0ea1eef0c26672b
- SSDEEP
  
  6144:oHieHgKECmWW/O4TsEcyFTGl812C9xSzmkoEPn5iXQ9leg6Ob8ggUdJTtUsqpz:kiXbCBW5T7trBxPWA1Ob8sdJTUz
Score

1^/10
behavioral5