General

  • Target

    8bdc7722614c12b7c9548194a38cfed2_JaffaCakes118

  • Size

    18.0MB

  • Sample

    240601-1e4b2afe7v

  • MD5

    8bdc7722614c12b7c9548194a38cfed2

  • SHA1

    b98fd7710f11c3997564c17bd22d7f36621d2d44

  • SHA256

    976f7fac370a301e0ae0408eef64ae20aabacf4ed48399a7239f84884a87acb9

  • SHA512

    0083c96ddf18e3a659d9ed9c79cc66898250ab6c66883f73266e14615e9c8316b53c8c0850cbb185a1a6254d6f2776cac93fc52bd5708dd2d9cd10422d3f8ab3

  • SSDEEP

    393216:RH5uBgaM2VSGjgrfD2sYtXV8htkqyxcfeCHxQ4Z56xGOaSywTd5oEIoB2vQ:RZuBgagDYtXSht5VwY3UTPIoF

Malware Config

Targets

    • Target

      8bdc7722614c12b7c9548194a38cfed2_JaffaCakes118

    • Size

      18.0MB

    • MD5

      8bdc7722614c12b7c9548194a38cfed2

    • SHA1

      b98fd7710f11c3997564c17bd22d7f36621d2d44

    • SHA256

      976f7fac370a301e0ae0408eef64ae20aabacf4ed48399a7239f84884a87acb9

    • SHA512

      0083c96ddf18e3a659d9ed9c79cc66898250ab6c66883f73266e14615e9c8316b53c8c0850cbb185a1a6254d6f2776cac93fc52bd5708dd2d9cd10422d3f8ab3

    • SSDEEP

      393216:RH5uBgaM2VSGjgrfD2sYtXV8htkqyxcfeCHxQ4Z56xGOaSywTd5oEIoB2vQ:RZuBgagDYtXSht5VwY3UTPIoF

    Score
    7/10
    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the phone number (MSISDN for GSM devices)

    • Target

      bdxadsdk.jar

    • Size

      85KB

    • MD5

      3c850ffec5bdd850f123077ca210a411

    • SHA1

      1c1ae4678b8a3b65640f047cb1bd72bc70d66f97

    • SHA256

      516023ce55fff40074d3c3d9016c023b1fc7dfba2b59c172f89141f1484d418e

    • SHA512

      aa3611687b6140ee9214392a84bc1ef55a6425a84a4e413dfcb2e936a931b9015e1e4ec53ad73539d26622427f9e6da0eae5c58ffc18285de42fc15639d786dd

    • SSDEEP

      1536:E4A1vm52J1h/mgxeek9/Ckkf1THL8BNbM/DXO8Q/3yJ463v6hHA0UGcVrSj:e9mkJ1tmg/I/tkdP8sa80O42uXcVrE

    Score
    1/10
    • Target

      muzhiwanapp.apk

    • Size

      7.6MB

    • MD5

      c3229fb323240d6e1e76777fbe0a9295

    • SHA1

      5c664e6942479ca35c25d8b315a075f36a1d90e4

    • SHA256

      7c0d0a3e65ce73b3f365a644cd86b56324d368e47049b04c2ba80d73ccb6d1fb

    • SHA512

      cf4309e0fa7aada4fe27cbc0d5d1dd9d9c41cdab459a02c7d205f3d47283e74c303242c148aac12f8badade9e854eff393a77309895f0132de34adbe3d6b02b4

    • SSDEEP

      196608:E29yNmkMvAdxRIZJ/kZNHJN37TlSTcduZYNxLWO:E1VMvIaZiDJdXlSoXxSO

    Score
    6/10
    • Checks if the internet connection is available

    • Target

      mzw_d

    • Size

      59KB

    • MD5

      b2a8fd2dba92c8f75869f79c70d441da

    • SHA1

      faaf88b3c3653fc205a3a125ccb77fbc87b76215

    • SHA256

      2514431fe50d909ac1385e07341ed8878b5f2400df151df5a43a59b98a31ea02

    • SHA512

      a66893a5bb935dfefdc12ea32c2407cf9d8d040ff82852b415c599beb94d002ce77ec15bbac3f78ae6758a8c7f5e83c799ad84fb8ce2e6763da88a9bb20aa7b6

    • SSDEEP

      1536:zsgtqpcH/obgLKxe7wust6XTyLaFcBowg/pL2Nka2MXX3C:zsqqKH/BKxXMXTym/pyKiXnC

    Score
    1/10
    • Target

      mzw_g

    • Size

      42KB

    • MD5

      c04d422c5a4bf58a127bbf2bf014965c

    • SHA1

      3b1f3f4ad21fe0febe567e5a56996a7e61658cf9

    • SHA256

      7a28fd857e1283e351d37931cc6e23cd6de5ad2fd4d3d23337a6f162b07f3978

    • SHA512

      6cb2768a8344e3da470472ea906b5be2e33a24384efe35cdc3c0b0c24351c3b34444a4d2d6a9e21c48927b85554aaa3904fb0361071c0711841565222253e0a8

    • SSDEEP

      768:ccPeR+EU5maX9WkB/gUrXFWLKxe7X+Fu9hRv6Xf3QpD+X7aFkuzkjEC:ccPeRiNWkZbgLKxe7wuzt6XCyLaFm3

    Score
    1/10
    • Target

      stasdk_core

    • Size

      1.8MB

    • MD5

      8ec43e10005ec4bc91c4e45b8e68e304

    • SHA1

      66fb42cb11e77900e55cbd4a8e247841dad1c5ea

    • SHA256

      18d90827352cf0ed3084c4f1f94d98026908f674914889e1e58c2ac5e68be63f

    • SHA512

      6077f32c03361faa552bde6c7cb9676c6393a9b7a30a9622095e6eb93da484b29fd75edd955523c8b51d4e86fe4a19fbce5cc456f7612162dbdec76e43b563d6

    • SSDEEP

      49152:kORoNccoT875hzBwbAqEAdBXrcZzVCuSow:kORo6kha0qjXGzoow

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Target

      bdxadsdk.jar

    • Size

      85KB

    • MD5

      3c850ffec5bdd850f123077ca210a411

    • SHA1

      1c1ae4678b8a3b65640f047cb1bd72bc70d66f97

    • SHA256

      516023ce55fff40074d3c3d9016c023b1fc7dfba2b59c172f89141f1484d418e

    • SHA512

      aa3611687b6140ee9214392a84bc1ef55a6425a84a4e413dfcb2e936a931b9015e1e4ec53ad73539d26622427f9e6da0eae5c58ffc18285de42fc15639d786dd

    • SSDEEP

      1536:E4A1vm52J1h/mgxeek9/Ckkf1THL8BNbM/DXO8Q/3yJ463v6hHA0UGcVrSj:e9mkJ1tmg/I/tkdP8sa80O42uXcVrE

    Score
    1/10
    • Target

      gdtadv2.jar

    • Size

      142KB

    • MD5

      f0b930680aa93a62bb77d1916e64a3d7

    • SHA1

      fc30b5641b8d32e4efeaf409d07a4d520a95a6da

    • SHA256

      8f109682334d43d811c7d56620c5eb30c9bc1a89f3f36b91232aeb142a6f6ba7

    • SHA512

      2a503f3aefd5ed8634dbc85cd952d10625e4bc18badc0661c7cfcc3345cfb43ba1e153d9fb264703e4cf0d6c40ac601942e841b9537125072f884c283adb5b99

    • SSDEEP

      3072:mZmii8gAi97ZHbwRILfiNJkAzzBdtCQnm:m8B99TZA/3m

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks