fe7a90c3c8f319c6b9e4b93b3631b3b89c99ff773855075ad49322a90b83a646 | Triage

Sharing

General

Target

6cab493fd4f096522a4ec2b9d85e783a_JaffaCakes118
Size

28.8MB
Sample

240523-3qc1bsdf2y
MD5

6cab493fd4f096522a4ec2b9d85e783a
SHA1

0300ad31840ef5207f646604d835f8d2a2833c12
SHA256

fe7a90c3c8f319c6b9e4b93b3631b3b89c99ff773855075ad49322a90b83a646
SHA512

4aecf32c5b8a1ab27907c66e674813e2f3814365f547f4f61f25ec316b1fa56afeec6eee3ea9f7e61b7a899b3b7e29dc552f33b21c50101a75dac4a04e4a00c6
SSDEEP

393216:ggEIAm73FIsCkDpIivygdB6XeE/G3yt4Av1o5jHYvDxgu0rOI5Lpe2yI3vKdNN3B:tEID7rCkNBy+8eSGCtP1ol9aQpLYiQ9b

Score

8^/10

android banker discovery evasion

Malware Config

Targets

- Target
  
  6cab493fd4f096522a4ec2b9d85e783a_JaffaCakes118
- Size
  
  28.8MB
- MD5
  
  6cab493fd4f096522a4ec2b9d85e783a
- SHA1
  
  0300ad31840ef5207f646604d835f8d2a2833c12
- SHA256
  
  fe7a90c3c8f319c6b9e4b93b3631b3b89c99ff773855075ad49322a90b83a646
- SHA512
  
  4aecf32c5b8a1ab27907c66e674813e2f3814365f547f4f61f25ec316b1fa56afeec6eee3ea9f7e61b7a899b3b7e29dc552f33b21c50101a75dac4a04e4a00c6
- SSDEEP
  
  393216:ggEIAm73FIsCkDpIivygdB6XeE/G3yt4Av1o5jHYvDxgu0rOI5Lpe2yI3vKdNN3B:tEID7rCkNBy+8eSGCtP1ol9aQpLYiQ9b
Score

8^/10

banker discovery evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Acquires the wake lock
behavioral1 behavioral2
- Target
  
  VqsPhone.apk
- Size
  
  5.8MB
- MD5
  
  b698322a9bbc89fe18b889c0aa39ef7f
- SHA1
  
  1b89284346482012408793034fe06405ecb2e43a
- SHA256
  
  aa3cea56d9921e30c3211dd1a087e78e1141f06c6d2611d18433cb52a86abc51
- SHA512
  
  2c596e4d3041699cce352b1bc69a48098db7e1e6ac5c0fbdfaea553107acf2d34a715e606f440dba6ab3a09d60445b05aa00c1588a30d4c7035aca0d22e902e8
- SSDEEP
  
  98304:fTAIJ0AQ9medpns3dZqs4IL1Z6ehYK6AogwpPt7bkQhBTEu8ahfGWUhOTTNnSI:M6kmeD+FPmK6Aopp1PBTEu8oGWUhANnd
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  __pasys_remote_banner.jar
- Size
  
  108KB
- MD5
  
  63ba17ca047dc71aa659c7ed8bb60de5
- SHA1
  
  675bd0556bce8d43cd29a6d9b3d996d41f3e0b2b
- SHA256
  
  2750f3af62f5b9d1d21f6a8215f529e472e7098ac16295b976a29115e8520a52
- SHA512
  
  5b70f6bc391276d2034a97e371adad0a635caafdfc33d32791db1432d4cca3f0364e1af6b10b574df5c8f3345bd5539a4d70455aa521f10b239e68216f5ddc39
- SSDEEP
  
  1536:JsIZFap4+HLANZ5+01fFI5iWBrANsLIHmd1C4i6L/AvuWD7i3z7Y6mrfrJvIC8O:JPZEpHrA3x1i53hxLOQ4I4mD3zk6mlI2
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  __pasys_remote_banner.jar
- Size
  
  108KB
- MD5
  
  63ba17ca047dc71aa659c7ed8bb60de5
- SHA1
  
  675bd0556bce8d43cd29a6d9b3d996d41f3e0b2b
- SHA256
  
  2750f3af62f5b9d1d21f6a8215f529e472e7098ac16295b976a29115e8520a52
- SHA512
  
  5b70f6bc391276d2034a97e371adad0a635caafdfc33d32791db1432d4cca3f0364e1af6b10b574df5c8f3345bd5539a4d70455aa521f10b239e68216f5ddc39
- SSDEEP
  
  1536:JsIZFap4+HLANZ5+01fFI5iWBrANsLIHmd1C4i6L/AvuWD7i3z7Y6mrfrJvIC8O:JPZEpHrA3x1i53hxLOQ4I4mD3zk6mlI2
Score

1^/10
behavioral10 behavioral11 behavioral9

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerdiscoveryevasion

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11