General
-
Target
88366ebf98b22db970157a631913e236_JaffaCakes118
-
Size
15.4MB
-
Sample
240531-yzgyesbg2s
-
MD5
88366ebf98b22db970157a631913e236
-
SHA1
d7206b20d6e1ae761430f28466ea773faba5ba0b
-
SHA256
6e961d215f55efbdfdfdcc7f83961f764c643de7c63b3a3327b4df00bb0a7cf2
-
SHA512
b8c4d0612f331090b4db3d9006d6987c1470b6c309fbf84f57dced04a6f67e67e4ffcc1a23c60e3c699529682958c3805673468e3c53a0195212ba40aab38aa6
-
SSDEEP
393216:4JwD5y2fZQPWp5HVLGDoOxgIZHeKEU4A/OSD0odOroEB7k:6wdy6mPk51VOV4KV4A/OMQrou7k
Malware Config
Targets
-
-
Target
88366ebf98b22db970157a631913e236_JaffaCakes118
-
Size
15.4MB
-
MD5
88366ebf98b22db970157a631913e236
-
SHA1
d7206b20d6e1ae761430f28466ea773faba5ba0b
-
SHA256
6e961d215f55efbdfdfdcc7f83961f764c643de7c63b3a3327b4df00bb0a7cf2
-
SHA512
b8c4d0612f331090b4db3d9006d6987c1470b6c309fbf84f57dced04a6f67e67e4ffcc1a23c60e3c699529682958c3805673468e3c53a0195212ba40aab38aa6
-
SSDEEP
393216:4JwD5y2fZQPWp5HVLGDoOxgIZHeKEU4A/OSD0odOroEB7k:6wdy6mPk51VOV4KV4A/OMQrou7k
Score8/10-
Checks if the Android device is rooted.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
bdxadsdk.jar
-
Size
85KB
-
MD5
3c850ffec5bdd850f123077ca210a411
-
SHA1
1c1ae4678b8a3b65640f047cb1bd72bc70d66f97
-
SHA256
516023ce55fff40074d3c3d9016c023b1fc7dfba2b59c172f89141f1484d418e
-
SHA512
aa3611687b6140ee9214392a84bc1ef55a6425a84a4e413dfcb2e936a931b9015e1e4ec53ad73539d26622427f9e6da0eae5c58ffc18285de42fc15639d786dd
-
SSDEEP
1536:E4A1vm52J1h/mgxeek9/Ckkf1THL8BNbM/DXO8Q/3yJ463v6hHA0UGcVrSj:e9mkJ1tmg/I/tkdP8sa80O42uXcVrE
Score1/10 -
-
-
Target
muzhiwanapp.apk
-
Size
6.7MB
-
MD5
f166fff17a539f053550965c87c42054
-
SHA1
8be071793576b6e324db218f02a017439fe826a3
-
SHA256
efa8e431c5d5b3bda3cfc0da4392d14ef447643412bbea22536a155c7aae82b4
-
SHA512
26869689b5a58e52e63d95b07cf04f560c4580e9bd408a432a61acace492201ffe93cb7e4166a360530eff8fa3827ae0df83ee43e30daa7f670010d59a8bab8a
-
SSDEEP
98304:thCSkJBDmTuhW+7eF0JUQ4KMB6NQP4WfxRENHpxPOJHMMC1dh4Zadvtvc8Y6dtR3:nru6wUQMBj4WfOHp+HPC1z4mkKdYIx
Score8/10-
Checks if the Android device is rooted.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
-
-
Target
mzw_d
-
Size
59KB
-
MD5
b2a8fd2dba92c8f75869f79c70d441da
-
SHA1
faaf88b3c3653fc205a3a125ccb77fbc87b76215
-
SHA256
2514431fe50d909ac1385e07341ed8878b5f2400df151df5a43a59b98a31ea02
-
SHA512
a66893a5bb935dfefdc12ea32c2407cf9d8d040ff82852b415c599beb94d002ce77ec15bbac3f78ae6758a8c7f5e83c799ad84fb8ce2e6763da88a9bb20aa7b6
-
SSDEEP
1536:zsgtqpcH/obgLKxe7wust6XTyLaFcBowg/pL2Nka2MXX3C:zsqqKH/BKxXMXTym/pyKiXnC
Score1/10 -
-
-
Target
mzw_g
-
Size
42KB
-
MD5
c04d422c5a4bf58a127bbf2bf014965c
-
SHA1
3b1f3f4ad21fe0febe567e5a56996a7e61658cf9
-
SHA256
7a28fd857e1283e351d37931cc6e23cd6de5ad2fd4d3d23337a6f162b07f3978
-
SHA512
6cb2768a8344e3da470472ea906b5be2e33a24384efe35cdc3c0b0c24351c3b34444a4d2d6a9e21c48927b85554aaa3904fb0361071c0711841565222253e0a8
-
SSDEEP
768:ccPeR+EU5maX9WkB/gUrXFWLKxe7X+Fu9hRv6Xf3QpD+X7aFkuzkjEC:ccPeRiNWkZbgLKxe7wuzt6XCyLaFm3
Score1/10 -
-
-
Target
stasdk_core
-
Size
2.1MB
-
MD5
7219500f857b0c418b074759ba44301e
-
SHA1
07f557bc3d839260caf921852618ac762fef262d
-
SHA256
d8c32e40ba04065dd62cae8495eb47d1c251a6bc830778f80eb06ae07f04563f
-
SHA512
6086cfbeb32e3ded98d89c0f0bc01fac10e6036874e1c8e0ecb41864e62b00df5a32f9a3aa7bf126f6b8f1393db48abaf94ce528cf0686a3946b139bc50c8a68
-
SSDEEP
49152:CzrcZzVCuS4++IpMKWnL0qRIZvwukk/icrtb+OPpGF:CzGzoB+I+dnL1RIOu9icyF
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
bdxadsdk.jar
-
Size
85KB
-
MD5
3c850ffec5bdd850f123077ca210a411
-
SHA1
1c1ae4678b8a3b65640f047cb1bd72bc70d66f97
-
SHA256
516023ce55fff40074d3c3d9016c023b1fc7dfba2b59c172f89141f1484d418e
-
SHA512
aa3611687b6140ee9214392a84bc1ef55a6425a84a4e413dfcb2e936a931b9015e1e4ec53ad73539d26622427f9e6da0eae5c58ffc18285de42fc15639d786dd
-
SSDEEP
1536:E4A1vm52J1h/mgxeek9/Ckkf1THL8BNbM/DXO8Q/3yJ463v6hHA0UGcVrSj:e9mkJ1tmg/I/tkdP8sa80O42uXcVrE
Score1/10 -
-
-
Target
gdtadv2.jar
-
Size
142KB
-
MD5
f0b930680aa93a62bb77d1916e64a3d7
-
SHA1
fc30b5641b8d32e4efeaf409d07a4d520a95a6da
-
SHA256
8f109682334d43d811c7d56620c5eb30c9bc1a89f3f36b91232aeb142a6f6ba7
-
SHA512
2a503f3aefd5ed8634dbc85cd952d10625e4bc18badc0661c7cfcc3345cfb43ba1e153d9fb264703e4cf0d6c40ac601942e841b9537125072f884c283adb5b99
-
SSDEEP
3072:mZmii8gAi97ZHbwRILfiNJkAzzBdtCQnm:m8B99TZA/3m
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1