3bf3399a685e0aec6ce84e5a6c09fb6b686bb48cd01abe77c5daf15bddac3775 | Triage

Sharing

General

Target

119300684b3f52766ba3ad2def413866_JaffaCakes118
Size

5.3MB
Sample

241004-dkzjpsvekh
MD5

119300684b3f52766ba3ad2def413866
SHA1

15da22bcc9459907374acb9d57de4058ef7fd4db
SHA256

3bf3399a685e0aec6ce84e5a6c09fb6b686bb48cd01abe77c5daf15bddac3775
SHA512

14eae855064f0d25dc4b18fe618d7a41951061d63116cf9ccb01a2a0526d71ddeffc773619a066bf02ce650f94988bce08effe6c8b1ef748daf235481c3e9304
SSDEEP

98304:wV8V8hYtfVcVcF1m2MqJ2tQMSEBhWIa/cJBJ0XdbLRSbj40j7iscraCpR:wWnxm2MpVdBha/cJBWBLBQ7iscGo

Score

7^/10

android banker discovery evasion impact persistence

Malware Config

Targets

- Target
  
  119300684b3f52766ba3ad2def413866_JaffaCakes118
- Size
  
  5.3MB
- MD5
  
  119300684b3f52766ba3ad2def413866
- SHA1
  
  15da22bcc9459907374acb9d57de4058ef7fd4db
- SHA256
  
  3bf3399a685e0aec6ce84e5a6c09fb6b686bb48cd01abe77c5daf15bddac3775
- SHA512
  
  14eae855064f0d25dc4b18fe618d7a41951061d63116cf9ccb01a2a0526d71ddeffc773619a066bf02ce650f94988bce08effe6c8b1ef748daf235481c3e9304
- SSDEEP
  
  98304:wV8V8hYtfVcVcF1m2MqJ2tQMSEBhWIa/cJBJ0XdbLRSbj40j7iscraCpR:wWnxm2MpVdBha/cJBWBLBQ7iscGo
Score

7^/10

banker discovery evasion impact persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1 behavioral2
- Target
  
  global.jar
- Size
  
  243KB
- MD5
  
  c7436acadb9035cc3d628cd0f38a3f15
- SHA1
  
  8bc75f4401bcba16f27fda7884969822c4566ae2
- SHA256
  
  459c559bd00ae4b6cb880adac7f50cad36c81b3fcf647a3112d126d1684682cc
- SHA512
  
  568f238f722c5321501b2f078a758f54830d5cd70781cb6267a03bfff3bc55dd6a243ecd74570eb223f7af702fa455edc97ebf7877ce4258f5ea61072ebf7f50
- SSDEEP
  
  6144:QaeJdm7hV3Bqe5GmIDWQaeJdp7hVMBqe5Gmk:T0dmlV3YRzDWT0dplVMYRn
Score

1^/10
behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Process Discovery

Software Discovery

Security Software Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

bankerdiscoveryevasionimpactpersistence

behavioral2

bankerdiscoveryevasionimpact

behavioral3