59eaf7a4c8b247c79d2c91b288e1b4e3fddad745107d55ad945e2a6596ac80ef

Sharing

Copy URL

Twitter E-mail

General

Target

6d344f8e6df0778fc71b22a0d15c3d6a_JaffaCakes118
Size

10.1MB
Sample

240524-d3jk7sbe2w
MD5

6d344f8e6df0778fc71b22a0d15c3d6a
SHA1

150a096dda5287e662ceb61dcb1a8dc6f0372d36
SHA256

59eaf7a4c8b247c79d2c91b288e1b4e3fddad745107d55ad945e2a6596ac80ef
SHA512

b40ab68cf01a4fd6a5c06c4dd7de69d2f391c56ac570ffebbd8503f04148ed7c6cfcbea119b84eb9d33b9cb752604c6b783d95355a2b1a9476e9d39df675a6b1
SSDEEP

196608:w3NLc3xdOJD5EhnXu/S2cUkQ+g8pAwY485Leap7Cbt1JfGb0Q:w3lc3gGRXu/S2t+2wILeap7CPJfG4Q

Score

8^/10

Malware Config

Targets

- Target
  
  6d344f8e6df0778fc71b22a0d15c3d6a_JaffaCakes118
- Size
  
  10.1MB
- MD5
  
  6d344f8e6df0778fc71b22a0d15c3d6a
- SHA1
  
  150a096dda5287e662ceb61dcb1a8dc6f0372d36
- SHA256
  
  59eaf7a4c8b247c79d2c91b288e1b4e3fddad745107d55ad945e2a6596ac80ef
- SHA512
  
  b40ab68cf01a4fd6a5c06c4dd7de69d2f391c56ac570ffebbd8503f04148ed7c6cfcbea119b84eb9d33b9cb752604c6b783d95355a2b1a9476e9d39df675a6b1
- SSDEEP
  
  196608:w3NLc3xdOJD5EhnXu/S2cUkQ+g8pAwY485Leap7Cbt1JfGb0Q:w3lc3gGRXu/S2t+2wILeap7CPJfG4Q
Score

8^/10

banker collection discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Requests dangerous framework permissions
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  alipay_msp.apk
- Size
  
  748KB
- MD5
  
  d06ea38e4210a87d6b96f8b0491df677
- SHA1
  
  3ba573396398757088e559a9d372049a377eb05a
- SHA256
  
  76a24f83ad15586ff9a2081e420a707be9ddb0b5047e5b6de5974c41624ff2c1
- SHA512
  
  3d43e5bfad2b703a804a53048b6a88228a11fb80ac641d6594f774cc07f6c7367e0ee80b29966d02c9206542f467f55b0f1ddbbfef0ec372256314a7d1071f30
- SSDEEP
  
  12288:IjRAsoln+WMB1EgrGERh4xWgtSM7vXrRCn4I5p2Cnfv:IjRApZ+WM7yER61P7jw4IGSfv
Score

1^/10
behavioral3 behavioral4
- Target
  
  bdxadsdk.jar
- Size
  
  85KB
- MD5
  
  9d3eca3857c97662001c5daadd49d00c
- SHA1
  
  2f210a8e9310f9361319bf92a30ca0464216d1a2
- SHA256
  
  59eeaaa84657c30c8126ad01fa9fbd9aaba88d259c6d6b02577c95cb38ba1595
- SHA512
  
  9797d6e619a2047b40c5ccfeb5be00d10e5d34b242184761ac8ee466a062bb8e7073fa8eeffd5d744192a7a9f7a322d53bafb304d42780bcb9d9854b0dadeafd
- SSDEEP
  
  1536:iFr/k/uPCPw72GwJ3F+SibNgWMhTs7wbD2P06rmcR9O8Pl3i6Ya1LuKL6/h:iFguaPQgJ3FGhoo7ijPcR9O21iz+Luv5
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  dynamic.jar
- Size
  
  85KB
- MD5
  
  f27ff89a5ecb1ee6b77d1caf35d7da09
- SHA1
  
  cff05e07e5ee0d1a42762b143515c03787e92f0a
- SHA256
  
  81e345fa61b04ab4e4dd122dd5f4321f3e1e28dc4f1e230d36506bf079aa45a0
- SHA512
  
  890dc67a41005490b849daf15e13a1bd79bbb53328886a6d671452dee0fe439c8136d31f9ef55c5162a8ade2d623d57f67ed3bff33683e2b2b5b8e9518a2778e
- SSDEEP
  
  1536:Ol8VH7XDBpxfWvJALkXv/220FIp3KBNNpm1AexeuS/7hwVqBCcS99aO:E8VH7T3xfWvJALkv3EIpappbBluqBncH
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  epay.jar
- Size
  
  110KB
- MD5
  
  6cd176d7c532e179c83df0368eb2cb7f
- SHA1
  
  efd9f4be774bd57ce443c4b934890694d9404041
- SHA256
  
  0341450ebe621542f2ea89b7540dc656a515451ac11ca842e2948a56de352c07
- SHA512
  
  777a85a4f3058466ef8c4f6899fbd501ca368d78ea7196ac923a595ca123628b7d8fed81d19a28226304beee0c2f920feece07be2e34430ae36f418750fee341
- SSDEEP
  
  3072:47RrfVhusZOCrc7H+VcsakAf9Ae+sfojMkM:+bQsZOOaH+JAf9AA60
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  gdtadv2.jar
- Size
  
  141KB
- MD5
  
  20260cd261dc030e24c9aa3738f096a8
- SHA1
  
  10cb03d6d2d5762185ea723204bb8914639af567
- SHA256
  
  c8a9aaabd205b53a0cd5af93e3b85601b139e2b2b253baf7e5bc3ecbe0761e7c
- SHA512
  
  fe8bd6533e8f54b9f1aa693b6aef7f2fb2e738513cc09c2f295efd69f542caa76b4d27cbcd1dab2b37117b36b8d19b3af4c66dd2471aef09b2e700da27c4faf7
- SSDEEP
  
  3072:gGsxVV3rvGW2Lufp3HE/Yk6oQDRZjDdSrQ0IVFiI0N/:gGsxVVjG7SfhHEN6J1ZwsFt0N/
Score

1^/10
behavioral14 behavioral15 behavioral16

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks memory information

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

Requests cell location

Requests dangerous framework permissions

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16