8d1c71b476c555933681f792d5f82c2135a46ae02e87fdd625b7c9be8ad28eb2

Sharing

Copy URL

Twitter E-mail

General

Target

dfb71c67d19ef5103118e7e8d3a9a1f3_JaffaCakes118
Size

13.4MB
Sample

240914-hz3bcssajk
MD5

dfb71c67d19ef5103118e7e8d3a9a1f3
SHA1

c1c1c0aee41e465bf51c02fb7215e094e88ac5d0
SHA256

8d1c71b476c555933681f792d5f82c2135a46ae02e87fdd625b7c9be8ad28eb2
SHA512

270da560e3b21573ba7e8ef8e0a1bb625a21ca31377a91a7e259ba24cbbcd549007b656b2c0e6dc9c1fe5357e0db1344f52d1231a899c2804b61fe16d091d17c
SSDEEP

393216:maWhtZ3U7c7okMPK36Sw0nrfqNS22KHS4FEbDU:mJZ3UA75DqM28U

Score

7^/10

Malware Config

Targets

- Target
  
  dfb71c67d19ef5103118e7e8d3a9a1f3_JaffaCakes118
- Size
  
  13.4MB
- MD5
  
  dfb71c67d19ef5103118e7e8d3a9a1f3
- SHA1
  
  c1c1c0aee41e465bf51c02fb7215e094e88ac5d0
- SHA256
  
  8d1c71b476c555933681f792d5f82c2135a46ae02e87fdd625b7c9be8ad28eb2
- SHA512
  
  270da560e3b21573ba7e8ef8e0a1bb625a21ca31377a91a7e259ba24cbbcd549007b656b2c0e6dc9c1fe5357e0db1344f52d1231a899c2804b61fe16d091d17c
- SSDEEP
  
  393216:maWhtZ3U7c7okMPK36Sw0nrfqNS22KHS4FEbDU:mJZ3UA75DqM28U
Score

1^/10
behavioral1 behavioral2
- Target
  
  com.qihoo.appstore.pay.lite.apk
- Size
  
  260KB
- MD5
  
  2440eb04289baccc027a4ec684d2a14e
- SHA1
  
  4727a55de77c8e779849f6976084c4fa8ace3830
- SHA256
  
  fd1fa6bda15e3145f109a643032a43c6d6f0576e2827d15685c934b82e2137b2
- SHA512
  
  c09a345d9aaeae7298ca4a0b8533627b4d9d652212b5e76a37a09db3cafa29e3c7163c4e0fbd4f05ba03a781a6f7037609fd77c1bc03cff69cd4dc33a0a37719
- SSDEEP
  
  6144:garGZOh0LeG1d3rUjjCXf7FyZwRMWgigaHjUNA2OcMMmIWmKVQlQ:gYADd3rMWinWgi1INyNMcmo
Score

6^/10

discovery impact
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral3 behavioral4
- Target
  
  com.qihoo.plugin.splash.apk
- Size
  
  448KB
- MD5
  
  c2113e90fb97212c968fbab23cd8ba5c
- SHA1
  
  c7a0854d096f549b93b0e6bf28e36ff7fe27bc43
- SHA256
  
  b6682034e1fcfe8f448a2a604c3dc473d842732bfb34b53377d43e418a001a6e
- SHA512
  
  0bdc8398dae373d48d84601eacced88b5eeddde469f46ee87d0c6fa16bbc6e1f91db863c1345e2a70152dc38d8c4ce9c01f4981d67daeea1fb3f82a03d25ba02
- SSDEEP
  
  12288:MhDEVb5D8huxi+gq6NMiB4rOZXL9dZ+N/st4IFAkvPQL:juhv7q6NMNrOpTkN/st/Lq
Score

7^/10

banker discovery evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral5 behavioral6 behavioral7
- Target
  
  com.qihoo360.mobilesafe.appwatcher.apk
- Size
  
  57KB
- MD5
  
  1ae1ae9f97b5809dd8456878f0cf28dd
- SHA1
  
  69278f2a15e9c7e01b6639bbc997716bbde307dc
- SHA256
  
  5b586de6ee4db4bce5f3f0c56511c726fb7deb3ea0db83c33e83ccbc60842c5c
- SHA512
  
  f6c350053047a594204a23b5ef69d5c0d03723a3c2f819c53b87c52cea0e0e19c5a776a089bd5e639107c0ef51c00962fa2341cc63ed7a125b2f87e667d6a965
- SSDEEP
  
  1536:7+0YY5B84TGCraiSVfPjcfbt1Cw2o0pkJZ7USIYo9vylwh:7+SBVzGS72uZ7nxqh
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  com.qihoo360.mobilesafe.chargescreensvc.apk
- Size
  
  150KB
- MD5
  
  da300f9190d20a13eba31839162292f1
- SHA1
  
  7bc735f05e558c0e70bb4c9dfcc81c5b70975500
- SHA256
  
  9250610e75fb8296469df81483f9d38ac87b65d351f4d049f7c13fc057b6702f
- SHA512
  
  0a755dcfc6cf7d48ac608ce505acf31d50bb8cd0f6bf4aff5c087bc32ba78a93aef7d792f9b5a2dd566ef6080be7cf4fb9243555ffa1633dfe8ea9c8f118140d
- SSDEEP
  
  3072:BorAAjelZDmcsQWPt9Yd9og6kXrcqZWA0u1N9Ph0WCl7IMo4:BorQGxV9q9og6kX9Cudh8IMD
Score

1^/10
behavioral11 behavioral12 behavioral13
- Target
  
  com.qihoo360.mobilesafe.homepage.apk
- Size
  
  1.5MB
- MD5
  
  1551ff72b024b80c08ddf1ae6465f825
- SHA1
  
  1000b0fb01b3220f6e9910a6ceee74d594191b90
- SHA256
  
  f88ea72e203615fbdd39eadacd1a3077c88ac735377428970c0fcaafc93c8f64
- SHA512
  
  89ec36eb7560d84f1be3972e7492418ac455eb717d9dc0d0615ab6f6540017772ee42a4fb7048f4f9bd1785ab439aa3d65bb129736e73c7d299caaea8fe25c1f
- SSDEEP
  
  49152:2wG+rRsMJrpSm76ydcflfvKZ+JdBEpD2hB:NG+9RRz76ydKlfvKZ+76pD2H
Score

1^/10
behavioral14 behavioral15 behavioral16
- Target
  
  com.qihoo360.mobilesafe.recommend.apk
- Size
  
  2.0MB
- MD5
  
  07f6b8cbdd94c6b31ac3d12215b450e5
- SHA1
  
  bad6ef832b15006c9d6d4fdb282eef2dd8393ad4
- SHA256
  
  8c4f66d062e4df5a8f8975d60705e2cfdabb20db4533ee2a4baedda88fdaefd7
- SHA512
  
  485666409815a42b59a88c32e250018f836dfcb26a842c5f90184d18df5dbbcb6223a57183c78f8dcac8cd62819f199464bda5cf3409fd7565b9fbc59b1fc03f
- SSDEEP
  
  24576:60Klsmc4NAW1PXtYx+IOD+KYdEabIAzDIX2m9h33jWN/PR2naUpy5bd3VCz+c5:ylsm1tYxQ6MDV3ClPgar5bBVCzv5
Score

1^/10
behavioral17 behavioral18 behavioral19
- Target
  
  com.qihoo360.mobilesafe.search.apk
- Size
  
  660KB
- MD5
  
  81ec4c34bb7d5014b65ec473d626250e
- SHA1
  
  8af7496f573e7a96cd58e6f16211ba3279c005b1
- SHA256
  
  9e7662ce2d232f7e8fc82799c09e7af7783899bb5a272429c9b038c063260ba2
- SHA512
  
  ed37dd9e4e0ebf3476c40b657ace1c958ace8c9f34d4ec68cbedba727545c346cec895acb8386f2b5d4523364a5867ed60b7fb0797d44a718f3b6106ef9bef5b
- SSDEEP
  
  12288:Q/k+/Jo+BhAcpoEeV7hMhUQgewKYc0rTcR17TYhQm9iWbINC:M/2nZ7Zh8U7cJb17TRNC
Score

1^/10
behavioral20 behavioral21 behavioral22

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Tasks

Sharing

General

Malware Config

Targets

Queries information about the current Wi-Fi connection

Loads dropped Dex/Jar

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22