097e3a18c0b0b518802381928e694f997c07462dfb76e9abd2704f9fdfcd3da6

Sharing

Copy URL

Twitter E-mail

General

Target

6db9b9dcb7063a97d7e6be10824161d5_JaffaCakes118
Size

8.7MB
Sample

240524-h6a6fshf46
MD5

6db9b9dcb7063a97d7e6be10824161d5
SHA1

897c6db10cdb0406520e4ba374f511ef0e17492d
SHA256

097e3a18c0b0b518802381928e694f997c07462dfb76e9abd2704f9fdfcd3da6
SHA512

a7361d7f1f15c432d7254e9cc3afd75978c79271aea36935147685c0c11f529505e249ee9a9dea9b6b8d50f85d4c69c4a77ebe33f7a7cbe084b4f883fbb69b33
SSDEEP

196608:U3dlSXuoxzqo3/B14ijxPcW/Esq3Uqfu+SOjlN:U32eEq0iJAi3UKj

Score

8^/10

Malware Config

Targets

- Target
  
  6db9b9dcb7063a97d7e6be10824161d5_JaffaCakes118
- Size
  
  8.7MB
- MD5
  
  6db9b9dcb7063a97d7e6be10824161d5
- SHA1
  
  897c6db10cdb0406520e4ba374f511ef0e17492d
- SHA256
  
  097e3a18c0b0b518802381928e694f997c07462dfb76e9abd2704f9fdfcd3da6
- SHA512
  
  a7361d7f1f15c432d7254e9cc3afd75978c79271aea36935147685c0c11f529505e249ee9a9dea9b6b8d50f85d4c69c4a77ebe33f7a7cbe084b4f883fbb69b33
- SSDEEP
  
  196608:U3dlSXuoxzqo3/B14ijxPcW/Esq3Uqfu+SOjlN:U32eEq0iJAi3UKj
Score

8^/10

banker collection discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Requests dangerous framework permissions
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  alipay_msp.apk
- Size
  
  748KB
- MD5
  
  d06ea38e4210a87d6b96f8b0491df677
- SHA1
  
  3ba573396398757088e559a9d372049a377eb05a
- SHA256
  
  76a24f83ad15586ff9a2081e420a707be9ddb0b5047e5b6de5974c41624ff2c1
- SHA512
  
  3d43e5bfad2b703a804a53048b6a88228a11fb80ac641d6594f774cc07f6c7367e0ee80b29966d02c9206542f467f55b0f1ddbbfef0ec372256314a7d1071f30
- SSDEEP
  
  12288:IjRAsoln+WMB1EgrGERh4xWgtSM7vXrRCn4I5p2Cnfv:IjRApZ+WM7yER61P7jw4IGSfv
Score

1^/10
behavioral3 behavioral4
- Target
  
  bdxadsdk.jar
- Size
  
  85KB
- MD5
  
  9d3eca3857c97662001c5daadd49d00c
- SHA1
  
  2f210a8e9310f9361319bf92a30ca0464216d1a2
- SHA256
  
  59eeaaa84657c30c8126ad01fa9fbd9aaba88d259c6d6b02577c95cb38ba1595
- SHA512
  
  9797d6e619a2047b40c5ccfeb5be00d10e5d34b242184761ac8ee466a062bb8e7073fa8eeffd5d744192a7a9f7a322d53bafb304d42780bcb9d9854b0dadeafd
- SSDEEP
  
  1536:iFr/k/uPCPw72GwJ3F+SibNgWMhTs7wbD2P06rmcR9O8Pl3i6Ya1LuKL6/h:iFguaPQgJ3FGhoo7ijPcR9O21iz+Luv5
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  dynamic.jar
- Size
  
  85KB
- MD5
  
  f27ff89a5ecb1ee6b77d1caf35d7da09
- SHA1
  
  cff05e07e5ee0d1a42762b143515c03787e92f0a
- SHA256
  
  81e345fa61b04ab4e4dd122dd5f4321f3e1e28dc4f1e230d36506bf079aa45a0
- SHA512
  
  890dc67a41005490b849daf15e13a1bd79bbb53328886a6d671452dee0fe439c8136d31f9ef55c5162a8ade2d623d57f67ed3bff33683e2b2b5b8e9518a2778e
- SSDEEP
  
  1536:Ol8VH7XDBpxfWvJALkXv/220FIp3KBNNpm1AexeuS/7hwVqBCcS99aO:E8VH7T3xfWvJALkv3EIpappbBluqBncH
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  epay.jar
- Size
  
  120KB
- MD5
  
  c81718e224470b7bc6640c213bce18eb
- SHA1
  
  e820b24e541a32b279e10835cad8104bf62ca17c
- SHA256
  
  51f2325608a26aaab0e22dcc2d64059c2dac7ee66ba778c7fa5fe4293b40fa17
- SHA512
  
  af0d33f0d162c095ef1c85cabdff1225f70117be627bdff0742719fa20731f9883c5bf493a69de11efbe4372693e5f7715ad1f661b2ef1aecb096d55b7ecff3c
- SSDEEP
  
  3072:D5EuUQpjFFro5Q/U0D8SklaESUNAWdi7p+7LX+J:DSMPo5Q/UvSklaL0Xw7nJ
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  gdtadv2.jar
- Size
  
  141KB
- MD5
  
  20260cd261dc030e24c9aa3738f096a8
- SHA1
  
  10cb03d6d2d5762185ea723204bb8914639af567
- SHA256
  
  c8a9aaabd205b53a0cd5af93e3b85601b139e2b2b253baf7e5bc3ecbe0761e7c
- SHA512
  
  fe8bd6533e8f54b9f1aa693b6aef7f2fb2e738513cc09c2f295efd69f542caa76b4d27cbcd1dab2b37117b36b8d19b3af4c66dd2471aef09b2e700da27c4faf7
- SSDEEP
  
  3072:gGsxVV3rvGW2Lufp3HE/Yk6oQDRZjDdSrQ0IVFiI0N/:gGsxVVjG7SfhHEN6J1ZwsFt0N/
Score

1^/10
behavioral14 behavioral15 behavioral16