General
-
Target
69b120ee8ed289bb9722885401913f51_JaffaCakes118
-
Size
19.1MB
-
Sample
240523-ervd1add9x
-
MD5
69b120ee8ed289bb9722885401913f51
-
SHA1
5eaae8ea93b91ca2eae2d5630f39decee446ea62
-
SHA256
906e34817bf26a0a057c35513f941a8862dba537a8af4924d04dae2af188aa7d
-
SHA512
7456ac2d3326dcb84bd7aea598ee4179144ed9a258a4083e6c635285c35d5fe690c0a650e1a865c50870ff0765cd886eb5c96e2f34ac775342fc0c18a74cd5cf
-
SSDEEP
393216:Skxhkun+rQQFobNsfAQGgmq721zxWgS4Vc0UrwZIvqa2KK6CmDK9KR:SMDQ2bNsoc2WgSf0uwKCaA+K9s
Malware Config
Targets
-
-
Target
69b120ee8ed289bb9722885401913f51_JaffaCakes118
-
Size
19.1MB
-
MD5
69b120ee8ed289bb9722885401913f51
-
SHA1
5eaae8ea93b91ca2eae2d5630f39decee446ea62
-
SHA256
906e34817bf26a0a057c35513f941a8862dba537a8af4924d04dae2af188aa7d
-
SHA512
7456ac2d3326dcb84bd7aea598ee4179144ed9a258a4083e6c635285c35d5fe690c0a650e1a865c50870ff0765cd886eb5c96e2f34ac775342fc0c18a74cd5cf
-
SSDEEP
393216:Skxhkun+rQQFobNsfAQGgmq721zxWgS4Vc0UrwZIvqa2KK6CmDK9KR:SMDQ2bNsoc2WgSf0uwKCaA+K9s
Score1/10 -
-
-
Target
com.qihoo.appstore.notification.controller.apk
-
Size
351KB
-
MD5
e808683bd110e8a31d9d1d3fe25eb868
-
SHA1
71702eb9caf0efbfdb5a17fdca5489e902da80f5
-
SHA256
c27f4c61a077b3980d409f89d3352f148107f57960901d96e8e6771b9214fcf1
-
SHA512
c5ac13aa1a956c14415786a7f363e44670ea7f851858edf2339d0370b13f0f57f079fd9ab6c059f34c633df7d0902a2141b2135b119642b1733f2113ba91da11
-
SSDEEP
6144:qLW7/su7HMzZL6XjC11p5l/c5pW4WiR55Pn0MnCzixO/muQNba1OK1ytrF:qwT7MtL6uDjGpZWiZPRFxO/muka1otx
Score1/10 -
-
-
Target
com.qihoo.appstore.pay.lite.apk
-
Size
260KB
-
MD5
2440eb04289baccc027a4ec684d2a14e
-
SHA1
4727a55de77c8e779849f6976084c4fa8ace3830
-
SHA256
fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
-
SHA512
c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
-
SSDEEP
6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo
Score7/10-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
-
-
Target
com.qihoo.plugin.splash.apk
-
Size
670KB
-
MD5
dedfedd73b92b9f264e5244ab5d76fc1
-
SHA1
7da66f9ef927cfebc2c103d7454ce00bf00e7d31
-
SHA256
b606f0029b8403132c706d3d31b02b8880ef951be7fdd9cff6cee04f7d15330f
-
SHA512
81c646fa27c1e5adb56e6e0895c2cae1af6b0398ac5590c170fffce0a3c88ca56439d911b600d2e231605bc4e6314c2c84636ed1b7f1a9b6d4ac4f55f5e0380e
-
SSDEEP
12288:N/IsDcayTTDKEMhuxi+gq6NMiB4rNrOSSqXDf61U6c5L9dZ+N/sT4IFAkvCfCb:5B6TDvMhv7q6NMNrNrOQuUdTkN/sT/24
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
-
-
Target
tcore.jar
-
Size
153KB
-
MD5
bc3cb0eef1d19c47cf3f1a2211258aee
-
SHA1
7f10b763a43b6900cd9925b014c1a794994d37dd
-
SHA256
79e1eee2d72cb40e0c931ed08e609891a41b0a2802d6e0b98abd7970238b4eee
-
SHA512
51f66294dbc34d4c618e2b16449c47f73734f1d5a57d2e40927ff5ab808604206fda84af29653cb9b018f30749e54a0a481e796cfc7b016a317ff7e83860df86
-
SSDEEP
3072:GYRLLNEK/MG/+UL3TMPAi7GGawe/JchKfbNewyfVF4BTP7rLqchL:GYLLNEkMG/+g27GGze/JSi5IuHLBL
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.appwatcher.apk
-
Size
472KB
-
MD5
80d095d9131a5ac963770a9a6f220481
-
SHA1
b78a95bc65fae4dc72e98289c2165f7519e75302
-
SHA256
cd07d8b8278824064d52a370fc831ef456e2a5512471942ff355ca2192033dfa
-
SHA512
0a93f5df1960832b90a12512300b1729c5ad33a67a2ff9b728d0f561e1e0b26d812c9057de00e815cab6327a8f49be95f8a6a233acb47a56ea5a16daca18bc43
-
SSDEEP
12288:29py1511VcRX2tjEKfw7tRZPlvqrb9kh2Vp+70QA5Su1:2LajuXSEK4lborU0QAB1
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.authguider.apk
-
Size
268KB
-
MD5
314a01a8816329670637775c270252ad
-
SHA1
a081d56210954ade71658b61e4574619ed2b73a6
-
SHA256
bdfd330fa6ead0ed3bc248d2f35578c25778d3fbe26a62c65472296b692ab783
-
SHA512
97876f727c0a7365014a154f09e2c6186129eadabf9d7b305e2325c004486ac6549e1802eb27dec7c2949cfceaca93780dc69a0886560e184e7c75cbca757288
-
SSDEEP
6144:kXJJ7DyoDbUynN22Cxq0tydoXnJwDdRRtAFO6+5429:k37DBDoynN22CxLQd4QtAK5z
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.chargescreensvc.apk
-
Size
156KB
-
MD5
e831bb8b261d2dcf4b4feac5dede13ad
-
SHA1
689fdd2e795bffda0ad14ca08383d66d3049c54f
-
SHA256
b782d1d1e31908b22dbdab77f8f78e82fe396a92c0f90eb2009b303ad067628a
-
SHA512
2bfbc9b62b73fa5cc8f06fd359b7d3f35c1c01aee98a14235da3c682b3aac0c9004b44787ac51421effb4e5580d5d6c6bb6cb5354b97915fa25dd6fdb252c112
-
SSDEEP
3072:VpBeMzkc7P8GFAWSg21zWrMXukQlYog6kXrcqZWAgu1N9Ph0WCl7IM5rs:VyMbTLaFg6zWrMXDKYog6kX9eudh8IMu
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.downloadlist.apk
-
Size
1.2MB
-
MD5
c0f953e7fa0576ab36895f4348efc572
-
SHA1
31a531d7857db6ef365cbfda9f6bd210ca0214aa
-
SHA256
9d6279c664ddd3e1bcad8f0d50276c7d8d6db4cb3a1fb288b0627faa61d203f1
-
SHA512
9508438f6885f06b1331eb2b08f6d1ef873347f1f71ab46aba21dcd490205b7a76090fe4022b73ab4668e6dbc45269e4d9053a4af9222a424e93a28fcffd7f49
-
SSDEEP
24576:Fo3+SxeHe2/GSBIwCMK6FGoEBN6MhHDjE9zThDVGMy8G:m3+uAerSONd36Sn0VHs
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.homepage.apk
-
Size
2.6MB
-
MD5
5e98dc707db9f50ec7f706697249e267
-
SHA1
7bd303959b4a4e6b0e903dc85a58959e9fc5e862
-
SHA256
c58480beadc0608def639a38252438b79d42ccb51fe3f5bcec533e7c85668d2a
-
SHA512
cfe9a64cb91298fb9bed750d05822cd9f89dae6658aca73408653cac38f45ef77ea072d5da5a553d5c5ac9d95560cd81b13d838eecce875435eadcc8ca770dbe
-
SSDEEP
49152:GwvL3GJla28TiWM2E3gTppUfU1yMOiPpqIbXobsbJqrwlcCY:bvKJlMiB2EsEXhiRqui6qoPY
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.persist.apk
-
Size
65KB
-
MD5
0af876b3a2307fa3e6d1c3fc735aaa44
-
SHA1
97967dc45b68c225f0368ce18cffd20d8a0701c2
-
SHA256
1dd91a46330c467a5e4cf5111b3cc88dd50c611cf12fd41a7ac27ecdde6fb383
-
SHA512
39e19d08766f7e58d4423f609575082696f91002e6f0b98972312cc7c52986a714317350cf1c0d6fc13064142acdc02fc42dabf948c611b51fd5f86c013fce86
-
SSDEEP
768:8MXtWSSpDm1apfrRy5J2OZuSJrRInN3fc2Dnmtll21dS1JGJA7rCVPMgVA0ms3+F:dpUG5c9yRyNk2CZicGi7+je+XhCVWuvH
Score1/10 -
-
-
Target
com.qihoo360.mobilesafe.recommend.apk
-
Size
3.4MB
-
MD5
0a2f057148b0746c4a8a64f170bc0bae
-
SHA1
aa62a02529ddb89e7e07faddddd615674f702f48
-
SHA256
69b3baaa23f0dfa4a27edb57f04865b38c7ae83a8c63740109488ff6ce0ca90b
-
SHA512
ddc79a94ddb505aee170efb511d4f0b0b2d35fa72e801e608c78c23807a3040ccbb37c2c498905ba96f3742d7b3de88767d981ef373b32513ef6c9054433e392
-
SSDEEP
98304:/9InT8ySMtRbS2hz0yrsTdbRxijl7hQBj:+Unkp+dxuh+Bj
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-