b83d76241dd74766e025c7a520941eed27f52fd3bcc8037380c8067c623f995e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85ab7aa968e0ed8bd58162ee99191e39_JaffaCakes118
Size

16.3MB
Sample

240531-ce1n5scc55
MD5

85ab7aa968e0ed8bd58162ee99191e39
SHA1

80ab4e40f1ed440e163c70747f38a06d3aede4d3
SHA256

b83d76241dd74766e025c7a520941eed27f52fd3bcc8037380c8067c623f995e
SHA512

0c50530bd76741f3cae9a64fae5e4dbbf6f1e3650085795354e738be7441231874036f5141f56e15ca04360942b74a6bfe3915a17cbeacaf22d6a1aeef54791a
SSDEEP

393216:7QuZsddCPs6Nl8Lv7Sx3f51IJ9T6pwspuGNVBHgBuQqZf:EDEh8vSxx1IJxAppHgBuX

Score

8^/10

android banker discovery evasion impact

Malware Config

Targets

- Target
  
  85ab7aa968e0ed8bd58162ee99191e39_JaffaCakes118
- Size
  
  16.3MB
- MD5
  
  85ab7aa968e0ed8bd58162ee99191e39
- SHA1
  
  80ab4e40f1ed440e163c70747f38a06d3aede4d3
- SHA256
  
  b83d76241dd74766e025c7a520941eed27f52fd3bcc8037380c8067c623f995e
- SHA512
  
  0c50530bd76741f3cae9a64fae5e4dbbf6f1e3650085795354e738be7441231874036f5141f56e15ca04360942b74a6bfe3915a17cbeacaf22d6a1aeef54791a
- SSDEEP
  
  393216:7QuZsddCPs6Nl8Lv7Sx3f51IJ9T6pwspuGNVBHgBuQqZf:EDEh8vSxx1IJxAppHgBuX
Score

8^/10

banker discovery evasion impact
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Checks if the internet connection is available
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  ltayx.mn.ltplugin_v2000.pl
- Size
  
  101KB
- MD5
  
  4e0b4e0c5f77e8eac335f7b2d996372b
- SHA1
  
  6ebacba1a06d056a5ad61e6b5901e727b7fd26b4
- SHA256
  
  1326553724cf0690c188ed8c5e858f5af25e5b4f48c0f029bad82310659fa80f
- SHA512
  
  3c3c0d546318bf489d92c3bfc4fc2bf38ee86dcb5ce2b20d6417033c1a69cd0fdd4c3b08bd5a5901f92aec2ea619b7cdc412421945bb24356eb9df4cfecce4ba
- SSDEEP
  
  1536:joW8LBLVEmm3LfUHZaKGV6fCA4+prcuUwCA6zTF+DXrYDB/BKEVBdE8ntTNVNpJU:4Fmb4anV66A4fS8BoXr68EVQ8nxNnq3
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  unicom_resource.dat
- Size
  
  41KB
- MD5
  
  1099cc55782e9dfbea4df0cc9c42e8af
- SHA1
  
  c398368af914bbc35187b15201ab9b10de3f0592
- SHA256
  
  7ae180774a4f784d4ebc21650295cea6269d0c4a1884a5af815930ee47553279
- SHA512
  
  e6dcdac4c51042db8a91f25cf9d1461c0b4284a5138086fb3264e7090840aa6ca144f18e7bc498d0ecd1d131804193d94bdf471e8ada15f7b30b2bb8359adef8
- SSDEEP
  
  768:R8gYCYCpONOKIfwiFWAkEsDVop56mAOvuGMC21q0dkHj:9PRpO4KsOOvuG3+dkD
Score

1^/10
behavioral5 behavioral6 behavioral7

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

bankerdiscoveryevasionimpact

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7