69670810206e5f88856ae31a43abffe7643e74eeb1142724017f54f9d5a78c32 | Triage

Sharing

General

Target

2dd5c1c7bcce6fa7a99ec1d7eaa9c408_JaffaCakes118
Size

18.0MB
Sample

241009-j9qkzsyaqr
MD5

2dd5c1c7bcce6fa7a99ec1d7eaa9c408
SHA1

3a114948749b2bc2cd0695d2b3c9e203022c4214
SHA256

69670810206e5f88856ae31a43abffe7643e74eeb1142724017f54f9d5a78c32
SHA512

63f38ccc06210f04b3374a28d5a7f8a643bdb8542d37075e27ff8df2fd0310afad06807b6aec2f50d9c1415ec69cfbc60b20e3e0ecc878215293d88fab67688e
SSDEEP

393216:pX4xaIIgWkoVc20q680bqvA3PK7f1V/h+B0OjdbnQG6Nq1pl4JtKyaY9Dh/:KLVJoVc20q680bD/YfXZ+BVdbnQ9ol4H

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  2dd5c1c7bcce6fa7a99ec1d7eaa9c408_JaffaCakes118
- Size
  
  18.0MB
- MD5
  
  2dd5c1c7bcce6fa7a99ec1d7eaa9c408
- SHA1
  
  3a114948749b2bc2cd0695d2b3c9e203022c4214
- SHA256
  
  69670810206e5f88856ae31a43abffe7643e74eeb1142724017f54f9d5a78c32
- SHA512
  
  63f38ccc06210f04b3374a28d5a7f8a643bdb8542d37075e27ff8df2fd0310afad06807b6aec2f50d9c1415ec69cfbc60b20e3e0ecc878215293d88fab67688e
- SSDEEP
  
  393216:pX4xaIIgWkoVc20q680bqvA3PK7f1V/h+B0OjdbnQG6Nq1pl4JtKyaY9Dh/:KLVJoVc20q680bD/YfXZ+BVdbnQ9ol4H
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1
- Target
  
  bookmark.jar
- Size
  
  82KB
- MD5
  
  e069374f41e52dfc33dd93a014b04e63
- SHA1
  
  ff4262b52ae9deb3bfdb9e30b942fc3c44a6cc7c
- SHA256
  
  40acfc7c21b58428a20edfb03433dc5ec108644336c3655bc1a870ef4f4c8880
- SHA512
  
  86111dce09509e26b1532ac18fa1ddf931194a17da07a105fa6c6968d17b11ba4ed82efb56d393b3e5630f84c3f607ba9804f188d4a2181465bea622230a1051
- SSDEEP
  
  1536:INYkhF8Jajeqxl+epYvA292XvbtM2hl9A7wmAkz0hp5nuHa45Gt9Vtmr+uHE:Ej8Jajtl+o296vbm2hl9ARAkzqpU+HvF
Score

1^/10
behavioral2 behavioral3 behavioral4
- Target
  
  emergency.jar
- Size
  
  14KB
- MD5
  
  ec9ed53f447884c573e87c6e6299e677
- SHA1
  
  b721af2309e0938539e9fe11161b6775f54f8826
- SHA256
  
  3ffc7cbbf8c6004c667fd1f912e0ec19708733c8e12c3037a458e4bf3350d6e1
- SHA512
  
  d094e0743892e56ef6106d4bdb3cc722a3115d9ce560474cda478d6053eb2f139b8ac526a5c6dc18f375c25d2c3a69cf30a0eca94b6b8d31c8151692554601d1
- SSDEEP
  
  192:91dh1jx1S5XLTlbGFualuACTe7tEjP+efkAKOXhP5l3C6Jqwyfc38trmfQm2xyqc:91z1j6NCKeiWHyJPXMtqfqxxqpUart
Score

1^/10
behavioral5 behavioral6 behavioral7
- Target
  
  filemgr.jar
- Size
  
  167KB
- MD5
  
  9940e5d9549bb45b411875b355c0f263
- SHA1
  
  555fdc9a1f245bc985ecb328167bf9fd2ac94758
- SHA256
  
  c3fa754274c8b088bfcb6794cdbec73fa38c5d0b4dd539ff7b8531946c0dddb9
- SHA512
  
  ec48d9b453710ac4931c8bbd5e60ece4f71e37dc62bfd02dcb6e0c36a1d43d7e814fa4aaabe696998c9b72669d67a67d0a352eadf4549f6636d6bdf258e37734
- SSDEEP
  
  3072:SXOO2ri8kDa+OVZCgC7zPN8wDIya8bZmuWyTwYoVtIFtf+NnlR45Mz4:XriPDa+O/C9PPN8wDTbZmu9EYoDAtf00
Score

1^/10
behavioral10 behavioral8 behavioral9
- Target
  
  shenma.jar
- Size
  
  439KB
- MD5
  
  ea2da9214d31db9d82ea0e0ee3982af5
- SHA1
  
  27b668b67016467a9af28ddba70014d612050850
- SHA256
  
  1aed1d44fd0bc6cb13aeb21b9e249aac49560e84bb3bb4b2fcef5818ecb63986
- SHA512
  
  14f5ca316372a0325a4e57620081b0c20702e5f184f160be91ad6f0eff64c7bcf0c0bdc5f0efefdaa2e9e0364a46bd866d91af104aef36f74d474747c247b342
- SSDEEP
  
  6144:kmyZdwxwHuhHunh6rZIZTS/uN0u1M05psoVlcAdUoLAsKaXBlIkp1H2s3JyQjk/V:km4dNWe6s6/u1EoDbx7Z5BQ/g/oEspL
Score

6^/10

discovery
- Queries information about active data network
  discovery
behavioral11
- Target
  
  skin.jar
- Size
  
  24KB
- MD5
  
  3125b6aca9c6272f19231cb305516a26
- SHA1
  
  09b324666d21be72bf1584cbbd59e4c3f3c9b960
- SHA256
  
  809c745798d5e672eb23d363314c5e2861cde2fdf3a789489c9811e4ccfec915
- SHA512
  
  81b8bb3cc0f5bd4544d146c089397a221b1b4871ac1e4c1ca6e65021ac18fe2be028cd6ef3a21b130386d1c8484cacbf40b44bc3ecef0a3789eb8d5314a6828a
- SSDEEP
  
  768:/bE3X2Mw9GBhvYOasOfdaJms3CdCvdh2DA:/bgbhYO5OfUp3HGA
Score

1^/10
behavioral12 behavioral13 behavioral14
- Target
  
  video.jar
- Size
  
  483KB
- MD5
  
  e23c0976c5186de2bb7e5921c47df128
- SHA1
  
  32d8ac4d4610ac62e0fd059bccd820b8b5aaa195
- SHA256
  
  7659c37eedaf98d99936748691eb17d95c87f23246ddeccf1356147ace08bae6
- SHA512
  
  a48dd60d496f2bfb801988afd6831e4fe206ba82b98f7666d857ab2c9f9ccad6c7ecdbb6e16f6968eb3ba8208bfbe9d41cff9b7fb36bab62ec769d4779725b6a
- SSDEEP
  
  12288:X2D+26qMw9udPlfdgvNuT6KMB5Kz0iPQIVizRVhBsqRw:mD+26qx9MVMJKMB5KHPQPzV+qRw
Score

1^/10
behavioral15 behavioral16 behavioral17

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17