4c3f7d2e24cd969777b94051a9017017ace92da9c5684b5f867abde4c2a33298 | Triage

Sharing

General

Target

71a5aab1973e55622b065885b4884a80_JaffaCakes118
Size

18.4MB
Sample

240525-mgtcysea47
MD5

71a5aab1973e55622b065885b4884a80
SHA1

1fa9f20775e60f2d29012d3efd062c48f93c3fb6
SHA256

4c3f7d2e24cd969777b94051a9017017ace92da9c5684b5f867abde4c2a33298
SHA512

d4c0a97a12484613edf6662ce0cd896acee999df478181c4806674f7a4276ced00bdb5bb0536ca7ab88d9af9b4ac0a30198e03515036f8ae2827c5b99e0b131c
SSDEEP

393216:u81JTaeVNR+N3S4V8PUSVxX16d1+NL6xtiJLq+nBC4MSI3A:uapari4VIP21xxtmne3A

Score

8^/10

android collection discovery evasion

Malware Config

Targets

- Target
  
  71a5aab1973e55622b065885b4884a80_JaffaCakes118
- Size
  
  18.4MB
- MD5
  
  71a5aab1973e55622b065885b4884a80
- SHA1
  
  1fa9f20775e60f2d29012d3efd062c48f93c3fb6
- SHA256
  
  4c3f7d2e24cd969777b94051a9017017ace92da9c5684b5f867abde4c2a33298
- SHA512
  
  d4c0a97a12484613edf6662ce0cd896acee999df478181c4806674f7a4276ced00bdb5bb0536ca7ab88d9af9b4ac0a30198e03515036f8ae2827c5b99e0b131c
- SSDEEP
  
  393216:u81JTaeVNR+N3S4V8PUSVxX16d1+NL6xtiJLq+nBC4MSI3A:uapari4VIP21xxtmne3A
Score

7^/10

discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1 behavioral2
- Target
  
  BaiduNaviSDK_Resource_v1_0_0.png
- Size
  
  1.4MB
- MD5
  
  038c785558c6743e09a31631b9f04d1d
- SHA1
  
  42ae6b74d418c4d839600471718b62dfd7d812a9
- SHA256
  
  e9fc11fa95dc1e95a2cd4ef86905acdd79cfb71ba4ff9912c8e46b59ed685e45
- SHA512
  
  573bfcc3effcece86e5ef8f0e9a84e9dd523936ef9224861a0ff834d35fb7d662e965e13ed5265306549c61d4458c7687471f680d7bf217004590c118de15794
- SSDEEP
  
  24576:w9o5l0aiDLYxvm6iugA1Ft3unH1jR49OLt1xJqkqFn/wS2mM4:6ql07DL4e6Fpj36Hz49OLt1xorh/1M4
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  alipay_msp.apk
- Size
  
  354KB
- MD5
  
  89c04e1ebcd58eca6dd93211628ed0bc
- SHA1
  
  7d1e77ce25a635299704dbd95bd95c697572ea9d
- SHA256
  
  ee3c608fff51b313f4e0b3e542bedccb4d4db4c8eb44e63bf4be0d468e9ee117
- SHA512
  
  3dccaeff9906401855f3071c91012926d7e9250674ea0bb89606e4862223a8343fc7b9369afe4e50031d261b45437107c018f565da5615c49721c3bf1bf6ed01
- SSDEEP
  
  6144:cH8LfOo+BjGVN8TdW4zxgnm1Us3JuOK2vf5C8EcPK+WvyQcQ2fnq7:cHLxBiVN8pWggmlY25CLE8RcQ2fnq7
Score

8^/10

collection discovery evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Checks if the internet connection is available
  discovery
behavioral6

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Execution Guardrails

Geofencing

Credential Access

Discovery

Location Tracking

System Network Connections Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

collectiondiscoveryevasion