0d313cca0385cc556efb370644d790c3fb5bcd21f13f3638a096f0c921eeb4f3 | Triage

Sharing

General

Target

6ed53068a02593a5402ca22d556f5d79_JaffaCakes118
Size

13.4MB
Sample

240524-rstkbahb4t
MD5

6ed53068a02593a5402ca22d556f5d79
SHA1

73a270be5b7048dd9b34b9d48787f21926cd6dc7
SHA256

0d313cca0385cc556efb370644d790c3fb5bcd21f13f3638a096f0c921eeb4f3
SHA512

bf78d909bc7462fe0c268cdb65bd3dca9e06ce36e92a90a3255e0dad099d9d959c32456abb29b34aa96d180b8f4bd64a5fb7d6f401dda51c7ab615ae47833a8e
SSDEEP

393216:maWhtZ3U7c7okMPK36Sw0nrfqNS22KHS4FEbDF:mJZ3UA75DqM28F

Score

8^/10

android banker discovery evasion impact

Malware Config

Targets

- Target
  
  6ed53068a02593a5402ca22d556f5d79_JaffaCakes118
- Size
  
  13.4MB
- MD5
  
  6ed53068a02593a5402ca22d556f5d79
- SHA1
  
  73a270be5b7048dd9b34b9d48787f21926cd6dc7
- SHA256
  
  0d313cca0385cc556efb370644d790c3fb5bcd21f13f3638a096f0c921eeb4f3
- SHA512
  
  bf78d909bc7462fe0c268cdb65bd3dca9e06ce36e92a90a3255e0dad099d9d959c32456abb29b34aa96d180b8f4bd64a5fb7d6f401dda51c7ab615ae47833a8e
- SSDEEP
  
  393216:maWhtZ3U7c7okMPK36Sw0nrfqNS22KHS4FEbDF:mJZ3UA75DqM28F
Score

1^/10
behavioral1 behavioral2
- Target
  
  com.qihoo.appstore.pay.lite.apk
- Size
  
  260KB
- MD5
  
  2440eb04289baccc027a4ec684d2a14e
- SHA1
  
  4727a55de77c8e779849f6976084c4fa8ace3830
- SHA256
  
  fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
- SHA512
  
  c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
- SSDEEP
  
  6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo
Score

7^/10

discovery evasion impact
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral3 behavioral4
- Target
  
  com.qihoo.plugin.splash.apk
- Size
  
  448KB
- MD5
  
  c2113e90fb97212c968fbab23cd8ba5c
- SHA1
  
  c7a0854d096f549b93b0e6bf28e36ff7fe27bc43
- SHA256
  
  b6682034e1fcfe8f448a2a604c3dc473d842732bfb34b53377d43e418a001a6e
- SHA512
  
  0bdc8398dae373d48d84601eacced88b5eeddde469f46ee87d0c6fa16bbc6e1f91db863c1345e2a70152dc38d8c4ce9c01f4981d67daeea1fb3f82a03d25ba02
- SSDEEP
  
  12288:MhDEVb5D8huxi+gq6NMiB4rOZXL9dZ+N/st4IFAkvPQL:juhv7q6NMNrOpTkN/st/Lq
Score

8^/10

evasion banker discovery
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Reads information about phone network operator.
  discovery
behavioral5 behavioral6 behavioral7
- Target
  
  tcore.jar
- Size
  
  153KB
- MD5
  
  bc3cb0eef1d19c47cf3f1a2211258aee
- SHA1
  
  7f10b763a43b6900cd9925b014c1a794994d37dd
- SHA256
  
  79e1eee2d72cb40e0c931ed08e609891a41b0a2802d6e0b98abd7970238b4eee
- SHA512
  
  51f66294dbc34d4c618e2b16449c47f73734f1d5a57d2e40927ff5ab808604206fda84af29653cb9b018f30749e54a0a481e796cfc7b016a317ff7e83860df86
- SSDEEP
  
  3072:GYRLLNEK/MG/+UL3TMPAi7GGawe/JchKfbNewyfVF4BTP7rLqchL:GYLLNEkMG/+g27GGze/JSi5IuHLBL
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  com.qihoo360.mobilesafe.appwatcher.apk
- Size
  
  57KB
- MD5
  
  1ae1ae9f97b5809dd8456878f0cf28dd
- SHA1
  
  69278f2a15e9c7e01b6639bbc997716bbde307dc
- SHA256
  
  5b586de6ee4db4bce5f3f0c56511c726fb7deb3ea0db83c33e83ccbc60842c5c
- SHA512
  
  f6c350053047a594204a23b5ef69d5c0d03723a3c2f819c53b87c52cea0e0e19c5a776a089bd5e639107c0ef51c00962fa2341cc63ed7a125b2f87e667d6a965
- SSDEEP
  
  1536:7+0YY5B84TGCraiSVfPjcfbt1Cw2o0pkJZ7USIYo9vylwh:7+SBVzGS72uZ7nxqh
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  com.qihoo360.mobilesafe.chargescreensvc.apk
- Size
  
  150KB
- MD5
  
  da300f9190d20a13eba31839162292f1
- SHA1
  
  7bc735f05e558c0e70bb4c9dfcc81c5b70975500
- SHA256
  
  9250610e75fb8296469df81483f9d38ac87b65d351f4d049f7c13fc057b6702f
- SHA512
  
  0a755dcfc6cf7d48ac608ce505acf31d50bb8cd0f6bf4aff5c087bc32ba78a93aef7d792f9b5a2dd566ef6080be7cf4fb9243555ffa1633dfe8ea9c8f118140d
- SSDEEP
  
  3072:BorAAjelZDmcsQWPt9Yd9og6kXrcqZWA0u1N9Ph0WCl7IMo4:BorQGxV9q9og6kX9Cudh8IMD
Score

1^/10
behavioral14 behavioral15 behavioral16
- Target
  
  com.qihoo360.mobilesafe.homepage.apk
- Size
  
  1.5MB
- MD5
  
  1551ff72b024b80c08ddf1ae6465f825
- SHA1
  
  1000b0fb01b3220f6e9910a6ceee74d594191b90
- SHA256
  
  f88ea72e203615fbdd39eadacd1a3077c88ac735377428970c0fcaafc93c8f64
- SHA512
  
  89ec36eb7560d84f1be3972e7492418ac455eb717d9dc0d0615ab6f6540017772ee42a4fb7048f4f9bd1785ab439aa3d65bb129736e73c7d299caaea8fe25c1f
- SSDEEP
  
  49152:2wG+rRsMJrpSm76ydcflfvKZ+JdBEpD2hB:NG+9RRz76ydKlfvKZ+76pD2H
Score

1^/10
behavioral17 behavioral18 behavioral19
- Target
  
  com.qihoo360.mobilesafe.recommend.apk
- Size
  
  2.0MB
- MD5
  
  07f6b8cbdd94c6b31ac3d12215b450e5
- SHA1
  
  bad6ef832b15006c9d6d4fdb282eef2dd8393ad4
- SHA256
  
  8c4f66d062e4df5a8f8975d60705e2cfdabb20db4533ee2a4baedda88fdaefd7
- SHA512
  
  485666409815a42b59a88c32e250018f836dfcb26a842c5f90184d18df5dbbcb6223a57183c78f8dcac8cd62819f199464bda5cf3409fd7565b9fbc59b1fc03f
- SSDEEP
  
  24576:60Klsmc4NAW1PXtYx+IOD+KYdEabIAzDIX2m9h33jWN/PR2naUpy5bd3VCz+c5:ylsm1tYxQ6MDV3ClPgar5bBVCzv5
Score

1^/10
behavioral20 behavioral21 behavioral22
- Target
  
  com.qihoo360.mobilesafe.search.apk
- Size
  
  660KB
- MD5
  
  81ec4c34bb7d5014b65ec473d626250e
- SHA1
  
  8af7496f573e7a96cd58e6f16211ba3279c005b1
- SHA256
  
  9e7662ce2d232f7e8fc82799c09e7af7783899bb5a272429c9b038c063260ba2
- SHA512
  
  ed37dd9e4e0ebf3476c40b657ace1c958ace8c9f34d4ec68cbedba727545c346cec895acb8386f2b5d4523364a5867ed60b7fb0797d44a718f3b6106ef9bef5b
- SSDEEP
  
  12288:Q/k+/Jo+BhAcpoEeV7hMhUQgewKYc0rTcR17TYhQm9iWbINC:M/2nZ7Zh8U7cJb17TRNC
Score

1^/10
behavioral23 behavioral24 behavioral25
- Target
  
  dmss_v2.jar
- Size
  
  126KB
- MD5
  
  aa64c54de3204df266353f78f8f92743
- SHA1
  
  f30391c3c576f3ad05cae309d4b3ed63759f140f
- SHA256
  
  a9d07897e42c42c15f27ac1e3a907072bce90aeed7cf70ad3c52ea020a2bb1ac
- SHA512
  
  a3be909d084d88dc1da4c0b0fd8dfbcc63d3149308f622b094fb1b9b4a47c2e5fe9633fd7354e2ce281d222fffcfdfd3896708cb398c81f12437aa8f0720690c
- SSDEEP
  
  3072:QWDEMmwiLvzgsHGEIqTriwmelZLoALvFchukchKC+8G/ee:pDpmwiJ2Ur7mhAL+kkcPG1
Score

1^/10
behavioral26 behavioral27 behavioral28

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

discoveryevasionimpact

behavioral4

behavioral5

behavioral6

behavioral7

bankerdiscoveryevasion

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28