bd0c51d6694dabd0c86a717b78af543b86f6c429c412e42b4064fcae9bf65c0a | Triage

Sharing

General

Target

743c7b981b95dccf79aebaf29c7d0d8d_JaffaCakes118
Size

6.5MB
Sample

240526-ebxjesee36
MD5

743c7b981b95dccf79aebaf29c7d0d8d
SHA1

eb99630b06dca9ce481a27d556f02d4925944d14
SHA256

bd0c51d6694dabd0c86a717b78af543b86f6c429c412e42b4064fcae9bf65c0a
SHA512

6ae433bf3437609a7515a284aa765a0d3596fabdf299553224cce331850375592428070b4a103c05b3f9c4e4d638c6d610c7071ec0112db3eef63e51f2f6e057
SSDEEP

196608:3I3rBevERvL8qu22O+XZcQ+hxcgi49j+UQLEu4:3cG4m22OqSQ+hxcgibUQLEu4

Score

8^/10

android collection discovery evasion persistence

Malware Config

Targets

- Target
  
  743c7b981b95dccf79aebaf29c7d0d8d_JaffaCakes118
- Size
  
  6.5MB
- MD5
  
  743c7b981b95dccf79aebaf29c7d0d8d
- SHA1
  
  eb99630b06dca9ce481a27d556f02d4925944d14
- SHA256
  
  bd0c51d6694dabd0c86a717b78af543b86f6c429c412e42b4064fcae9bf65c0a
- SHA512
  
  6ae433bf3437609a7515a284aa765a0d3596fabdf299553224cce331850375592428070b4a103c05b3f9c4e4d638c6d610c7071ec0112db3eef63e51f2f6e057
- SSDEEP
  
  196608:3I3rBevERvL8qu22O+XZcQ+hxcgi49j+UQLEu4:3cG4m22OqSQ+hxcgibUQLEu4
Score

7^/10

persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Requests dangerous framework permissions
behavioral1 behavioral2
- Target
  
  alipay_msp.apk
- Size
  
  354KB
- MD5
  
  89c04e1ebcd58eca6dd93211628ed0bc
- SHA1
  
  7d1e77ce25a635299704dbd95bd95c697572ea9d
- SHA256
  
  ee3c608fff51b313f4e0b3e542bedccb4d4db4c8eb44e63bf4be0d468e9ee117
- SHA512
  
  3dccaeff9906401855f3071c91012926d7e9250674ea0bb89606e4862223a8343fc7b9369afe4e50031d261b45437107c018f565da5615c49721c3bf1bf6ed01
- SSDEEP
  
  6144:cH8LfOo+BjGVN8TdW4zxgnm1Us3JuOK2vf5C8EcPK+WvyQcQ2fnq7:cHLxBiVN8pWggmlY25CLE8RcQ2fnq7
Score

8^/10

collection discovery evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Checks if the internet connection is available
  discovery
behavioral3
- Target
  
  com.skymobi.appui.sole_v1001.apk
- Size
  
  421KB
- MD5
  
  639df8fc0e9d3fade89742adab89df52
- SHA1
  
  3171e6d6b19736941b8f0dd15435fab94a43feca
- SHA256
  
  7224a72196e3d136818c0e169e99310910d5f1621420c3d2e1033197150932b3
- SHA512
  
  b1bbc81b816554ad77b1060e4ef925256da42a29b265968e65be59bdd2cfb00332abacb4c7fe4a37febf5267b6d499be055498fc9cd2687a0d9ecdfe1ec61f4b
- SSDEEP
  
  12288:NLGz05QsFZrUnta5KhXNVDzeXh1q2mz1s9z:MsXrS3h9VneLqpz1Qz
Score

1^/10
behavioral4 behavioral5 behavioral6
- Target
  
  com.skymobi.pay.opplugin_V2017.apk
- Size
  
  189KB
- MD5
  
  7ca433f40d2e4d750cd5d19e0998e005
- SHA1
  
  dbb1f221cb279c9c067be19ae2756a1c9b5b67c8
- SHA256
  
  dc55c0952f54064f229d4105fe09178ab2061dba5ac33a78ac76bd711bfaeb0d
- SHA512
  
  a561bf5401050c65c5f227b3457d76bd48c4182ecfba5213b02800fc7072b209ee3baf25d024a145314503f946773dde8fc0e17907ee618286fa42c8ab323404
- SSDEEP
  
  3072:MLWTvQatpn8vCt1WgMsNFlRkSlj4Z1j4ipaEGdWGGWXEnJ:/TvZ8vCbRbvjEZ4hEcGqAJ
Score

1^/10
behavioral7 behavioral8 behavioral9

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Execution Guardrails

Geofencing

Credential Access

Discovery

Location Tracking

System Network Connections Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

collectiondiscoveryevasion

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9