1cf61a68589f1025d86186df79a932f18ef5077031226c4345207d172de46aa4 | Triage

Sharing

General

Target

d68ae14c91997ba03f21e29ed7dc2ca8_JaffaCakes118
Size

30.4MB
Sample

240909-r8fcmateqm
MD5

d68ae14c91997ba03f21e29ed7dc2ca8
SHA1

9088fd2aebcd1b797f290fd47035fbb02d4561f7
SHA256

1cf61a68589f1025d86186df79a932f18ef5077031226c4345207d172de46aa4
SHA512

7bd3c122a238271bc9a18bde55c16a3273ed754cd4bb970fc24d308d8691f64445c99e77bb4430f8fef98c1a82a4a2cf8450b66a00aa13d3155e087788bcabce
SSDEEP

786432:0O5XyY11siMJNCaF0YBWLJ/9FuLR8QZlUFcdBYAvTJHk7rJOOo:RfjkbCgBwToR7gGrbMrJOOo

Score

6^/10

android discovery persistence

Malware Config

Targets

- Target
  
  d68ae14c91997ba03f21e29ed7dc2ca8_JaffaCakes118
- Size
  
  30.4MB
- MD5
  
  d68ae14c91997ba03f21e29ed7dc2ca8
- SHA1
  
  9088fd2aebcd1b797f290fd47035fbb02d4561f7
- SHA256
  
  1cf61a68589f1025d86186df79a932f18ef5077031226c4345207d172de46aa4
- SHA512
  
  7bd3c122a238271bc9a18bde55c16a3273ed754cd4bb970fc24d308d8691f64445c99e77bb4430f8fef98c1a82a4a2cf8450b66a00aa13d3155e087788bcabce
- SSDEEP
  
  786432:0O5XyY11siMJNCaF0YBWLJ/9FuLR8QZlUFcdBYAvTJHk7rJOOo:RfjkbCgBwToR7gGrbMrJOOo
Score

6^/10

persistence discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2
- Target
  
  adpsdk.apk
- Size
  
  30KB
- MD5
  
  a70e38de7f4632734e191a8f6dede493
- SHA1
  
  be11a122ac973e2d0cc24237af55605ea76a0330
- SHA256
  
  98c7e6b430330578aaf1370f541e03487428d675059bd2339eb0b8bc6099bfe6
- SHA512
  
  9be2bc0c4a81eb2f2645ee362c7038f0ea8723a295d9d92db13950c2b5acf6ad45dc5ca5391a7bf63a38f318df2755ad86d8981a4fe25c8b89159b66e5a7a602
- SSDEEP
  
  768:dRjM2Ubi5z0pgRkYGVBDu14z5yERTxa538tCAkO7A6mrA:TMf4z2UkY0aC2MtCbO7AprA
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  cn.sirius.adpsdk.loader.apk
- Size
  
  1.1MB
- MD5
  
  d59f919401b8c7e99d5d3b5fc8f857bd
- SHA1
  
  1273db35394946f67b9b81113e7b254574818fda
- SHA256
  
  fd923b557ae7b0097899e6b01f96f693613bdea7539daddf35f95366e744125c
- SHA512
  
  86f9b2db562f07f2141c0d6a000c0771535e22bd659ee19fd333ec8e0f27898b610e24ef1bd3d462fac51c64a58841337d553aaf979685db90df0ee1c93c2b7b
- SSDEEP
  
  24576:2X1OaDSeDSe/vwLzaXsC5bGRSdhNSKVRf+LGKug9GjD85Bf56Kcb:ZKSeDjIvaXRlGRSd+ug9Gf8t+
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  libcn.sirius.adpsdk.adp.so
- Size
  
  755KB
- MD5
  
  ba383ba773be95643b17f1799ffb1a1c
- SHA1
  
  239903eef12ec4790cf8b6ac953b3ed2fc1611a4
- SHA256
  
  c94db7e86ad45217b7a4f7a7ca2dab65d8f6e0c03a7114ec7c19f775662ee1f0
- SHA512
  
  fac1703bff3f68a33bc48e49e97091b4be343d9da2f10f227f488636eb5186c1515714a08eeff8b3cdf49ed85d52647944de3742098299d9ebe47b27fb1406d6
- SSDEEP
  
  12288:qWNUSwwZne93wKDTsMegftgswNmQMgQ/NCWZxU2ogqbcaJ8dFvlYxUeYt1RZs4B:xNUSwwZi3DIof3wNLMPCWwb5SdFNY+vp
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  libcn.sirius.adpsdk.update.so
- Size
  
  25KB
- MD5
  
  b2d0b539e558d2018615304582e05216
- SHA1
  
  2a26b413e38b483624b8484d9730303ba53c8107
- SHA256
  
  b41a5a87b96e7293b34789b7adf6c958e16516c8bca146b01cc88abc00d7450a
- SHA512
  
  987115659e5c0ceca8d24376de2f368c9d7b810cf8ab4fe3f9d8eaee18a3e7a26b5e2e75f26f3a6fe4ec52e068200f3294621c0fa32d9d6d78d4ad2aa0b8f887
- SSDEEP
  
  768:h4+JeY1n9NljKQY0hfAOZ3sTdjJ7boS0Sz3o:q+Jxn9N8yfNsTV90dS8
Score

1^/10
behavioral12 behavioral13 behavioral14

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14