0b16edf35039189ca38c7dbc280ed08401e16a6d88b994e0473f2b37b69e0ed3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b93829edf928ea2296ca48202c5bbf1_JaffaCakes118
Size

14.1MB
Sample

240601-yldnvadc2y
MD5

8b93829edf928ea2296ca48202c5bbf1
SHA1

c48755e94080d4a587bde4b5f21e8467b0206b98
SHA256

0b16edf35039189ca38c7dbc280ed08401e16a6d88b994e0473f2b37b69e0ed3
SHA512

7eebd7a8be96df60d8d3edbfa5db682df227ac7b514f03df73cf54afa8ccf550560c1c3aca21f50baee6ee1060969d531bf163b933a9349b0fa86e61ece68372
SSDEEP

393216:5978k0nVyDs3GNjA1EIl70OXHg4btiahszcuC:L50VShYKGKzC

Score

8^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  8b93829edf928ea2296ca48202c5bbf1_JaffaCakes118
- Size
  
  14.1MB
- MD5
  
  8b93829edf928ea2296ca48202c5bbf1
- SHA1
  
  c48755e94080d4a587bde4b5f21e8467b0206b98
- SHA256
  
  0b16edf35039189ca38c7dbc280ed08401e16a6d88b994e0473f2b37b69e0ed3
- SHA512
  
  7eebd7a8be96df60d8d3edbfa5db682df227ac7b514f03df73cf54afa8ccf550560c1c3aca21f50baee6ee1060969d531bf163b933a9349b0fa86e61ece68372
- SSDEEP
  
  393216:5978k0nVyDs3GNjA1EIl70OXHg4btiahszcuC:L50VShYKGKzC
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1
- Target
  
  AdServer.apk
- Size
  
  1.1MB
- MD5
  
  1b9b2b274254d5f4d4ffc90ecd0fdcf9
- SHA1
  
  ed852255dbdd8cfcd40230232e259653afb37134
- SHA256
  
  3a694a467419b0c3c7e99890eecc774dbf8abbec5eabac45f3d0d5ce3a296783
- SHA512
  
  b11b9e86c07a91edce148ac61def0cbf81cf0f5de2ab2d93c46ef891b581bc597b1677b0edb1bdb88cfa652e5a39d61bda5475d2d6e83ac887f8f34c1f3572c4
- SSDEEP
  
  24576:yeJhUIrr48i07boDtV7efCr8vTbmTttkKilyMtnqjAysPf0+fm4Hf4:Vr4830tV7ear830tup4anq9a3m4Hw
Score

1^/10
behavioral2
- Target
  
  BannerPlugin-3.4.apk
- Size
  
  41KB
- MD5
  
  a84957adcd2955e0456e0e2afe53221e
- SHA1
  
  e6d87e272b5e1d30594e7b9454d6d2cec426255c
- SHA256
  
  e24fe822781a1d4975ef5b28ef73251d4fc762d431dc51f862a704bb481a199e
- SHA512
  
  eb6fb6d9856ded13140ee3f494b62e6492575db01515d75e4d4ddcdc918cf08b4cc591b982553364e41fa0c48dfa3d02eeb70511defe33a6b8be8ba1376221bf
- SSDEEP
  
  768:efCpEB2It03WP8n8fLls63R0usKfQPxqiCBmeilpLJZttUUQ:a+EB2NKlsAU6CqiCgNt/Q
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  CommonPlugin-5.0.apk
- Size
  
  188KB
- MD5
  
  2678f36eeb56f29c97d566e605442334
- SHA1
  
  f245da3bf404a8fff22982692b181bdea1f6b233
- SHA256
  
  a6434fffaadbfb1d1825c49dbfd252b7c7fd80f71e8d982e28292f887234f12d
- SHA512
  
  ddee5d732934c51ee3ff18369779c77a6cc8bc0bd774a628366b7e3323b5a3ef48b4b471654a86a862d1e411fef6b09a0b3981d38ba591a10e58c87be28ca347
- SSDEEP
  
  3072:3gOBBnthob8jgXqEows4BjQKHOS04bNK20T18mkeLHHpe5WVvgsfB+VSbD:3LVLoeouws4qSOS0yNK28amkeLGWRpfJ
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  InsertPlugin-3.2.apk
- Size
  
  44KB
- MD5
  
  02af7f8f9725098e82f34b9942c221e5
- SHA1
  
  a3e527192d44983e3cc864095e426dfb0126b288
- SHA256
  
  e0fa91039ccb94cd61eb73e8e7bd35c637b7ee893c57483f825b1fab6ba79383
- SHA512
  
  c546450e04a386eae41c9960c82e5e418added8908affe080dc8ca394c542d92281af530aaddafefe22ead8276f4c78806847acc9c53e244ffef4621e1f7c46f
- SSDEEP
  
  768:qSFc35GsyNMCIt03WP8a07dCznRiH1m2Qy87mrCfmU9AH:NF/sWMCNHdCDRQhb8SamUs
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  WelcomePlugin-3.6.apk
- Size
  
  32KB
- MD5
  
  584e3c9229e755408fc518033c24dc48
- SHA1
  
  d869c08f204fe45a9e3d5af191cd337ab026bf72
- SHA256
  
  f2b4103ed39e5b4fcd9b8fbbe1ebc80140ac6619722ec5a08f6e0e4289b6b2e2
- SHA512
  
  d4c41f0dfa41c3a0b43ae74826fa090ba4548f1cd6089a180b44e8f6c70b4d7760cccbbe6bb277e11083272b5dd18d1655c93642da786234e82049500b35266c
- SSDEEP
  
  768:9TCUNrXFWLKxe7X+Fu9oRMaxr6gjUD2CF2aBvSY4ixhlW1:9TCsbgLKxe7wuKRJrIZBTZhlW1
Score

1^/10
behavioral12 behavioral13 behavioral14
- Target
  
  __xadsdk__remote__final__.jar
- Size
  
  83KB
- MD5
  
  607e65052147713115dd87f0866d504c
- SHA1
  
  5ff2a1c2ebedeb61236c56edfde6406828a05c6c
- SHA256
  
  fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741
- SHA512
  
  2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1
- SSDEEP
  
  1536:eKSS1UbomStT19s4G0/GZzgrF2nPOgfbexVK8RV+0XUv5VzUxwh3MPeUivu5iy:DSYsStT1ZT/ugrFsmgsHWzUxq3MPeUi8
Score

1^/10
behavioral15 behavioral16 behavioral17
- Target
  
  analytics_core.apk
- Size
  
  159KB
- MD5
  
  d2e90bb505f20fc73baf25805b0273aa
- SHA1
  
  240fbbfda194a65761baed6f3546bc4c744a1850
- SHA256
  
  77060ad812f5e6e9e896c39bc548f8295238eaa9941e1986e8e024e7d2114309
- SHA512
  
  c2ef3f79b6cfb171b0904ff8138238cbf985344d91d6d9ec35472d14233d1b108cc0234259e8286cbb099747cc8d9d2f74c8c7394ab3a6dcfc2cc95e168c8c85
- SSDEEP
  
  3072:/vnDHScqJUCqi8p27PhJkqOjvxSWnNoPuKAaSWk8V4rpCPd7H7sl3eX0emR7KDD:7ScaCioePDaZdnNdFDJCPJoKvmtiD
Score

1^/10
behavioral18
- Target
  
  gdtadv2.jar
- Size
  
  128KB
- MD5
  
  d33b3ec7def68b71f2fed86f8816651c
- SHA1
  
  0365fa5845cc259d449b33af352e858b654353c9
- SHA256
  
  83b17bee6712defbd2c6a91c4f5c8e3a4b1d9c69d7fafaa0dedff1676b4bf687
- SHA512
  
  9cb8af47bec4402a148cb4950780fb96686b79c897530316c02964d917ab92a1554a3034f186ac6da6a15a7ad1f7d7fa8ea145cae5bb1d540c877d753ba052f6
- SSDEEP
  
  3072:tlyPwIT8y7NhgXbxdo+i0kgs5jU9HlJ67B3RzUqujrasu/:tlyPwKo30lguwJYB3RzCpu/
Score

1^/10
behavioral19 behavioral20 behavioral21

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21