2dcc65c4514b720cf8c84f52e8447f0b58637e4d389772cfe98379f0429b3ade

General

Target

be4628b0307f24ec29985874a584b2e6_JaffaCakes118
Size

16.1MB
Sample

241203-t38hbsyphn
MD5

be4628b0307f24ec29985874a584b2e6
SHA1

a2364c911ee991c1f623a93d29f53cdff33cc5df
SHA256

2dcc65c4514b720cf8c84f52e8447f0b58637e4d389772cfe98379f0429b3ade
SHA512

692a0cf37c4203db9e1da6fc32ee231ac0031d309ec3c3ac4dbc7ca12a0f8ffc87bad0cb17a502821d98b39b00939350f477417403eefd7ea3b850d3810980cf
SSDEEP

393216:eK83miZWUaG/n9jBm4o/mknT05J6tS2LEI:j83zZzR9jkJvTQctHt

Score

8^/10

Malware Config

Targets

- Target
  
  be4628b0307f24ec29985874a584b2e6_JaffaCakes118
- Size
  
  16.1MB
- MD5
  
  be4628b0307f24ec29985874a584b2e6
- SHA1
  
  a2364c911ee991c1f623a93d29f53cdff33cc5df
- SHA256
  
  2dcc65c4514b720cf8c84f52e8447f0b58637e4d389772cfe98379f0429b3ade
- SHA512
  
  692a0cf37c4203db9e1da6fc32ee231ac0031d309ec3c3ac4dbc7ca12a0f8ffc87bad0cb17a502821d98b39b00939350f477417403eefd7ea3b850d3810980cf
- SSDEEP
  
  393216:eK83miZWUaG/n9jBm4o/mknT05J6tS2LEI:j83zZzR9jkJvTQctHt
Score

8^/10

banker discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  GameClean.apk
- Size
  
  847KB
- MD5
  
  c54016cc1b7833103037164dda1e5e2f
- SHA1
  
  912f3a8f8a24ded19d71f72964497203aad242a9
- SHA256
  
  5181f375fa96e0a1ec08443fc8caa34456daa844f220f5ca868746f97f7f4941
- SHA512
  
  b355b33b744518af07217c02e19678c0e3e0024a8275108f0f8d67805cf2690f990f6f0c9ebeed6388032d4906085e96827bcf66300af7044e8da342c77d8d23
- SSDEEP
  
  12288:N3qAtqNQEUWuTW8HtVZw3XTH3DYKdZWzcrlyoR11WoQ70Ns2EloBs42yxojsn6:JJXlWGW8HLZwzUcV1W3gSloBs42djs6
Score

7^/10

banker discovery
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral2
- Target
  
  deploy_plugin.jetaa
- Size
  
  125KB
- MD5
  
  a2e0a823b4eb3fc3c8ccfa295c9ac6f7
- SHA1
  
  6e37eab431721299aa07ff22f437ec2ef603d495
- SHA256
  
  5635172b7b8a3359b183dc6c93fe759ce3093c68daec43119976ba25c7e074cc
- SHA512
  
  2e762ab5f9177fd879347c9c62bcf0e5658c497d52b9ce152d07c1673c165ec778ec3942edffb0408006540a899075fdc57b02b064b1b98d5195e3120300ee90
- SSDEEP
  
  3072:MQO/3EYRuHasz3+EvPVp5rauP6unk2lNZ9QghK07rEpVQglWCM:MQOvEYR2j3+M39auCunkcZayKuorlWCM
Score

1^/10
behavioral3 behavioral4
- Target
  
  deploy_plugin.jetab
- Size
  
  791KB
- MD5
  
  09e0f0cb9d3f2d0daa62c922dd54e93d
- SHA1
  
  d6f5122255e7f5b0a932f9c3e114c00eafbf5e59
- SHA256
  
  28001a414f56127934b5dbc74bfd39fc2f95ac79589614e47031110a9aca8ea4
- SHA512
  
  f979d2791c3bb5f715b4981dc43eec7feaf40a18935d58a93075354e27c5196b2e4ed17c0b7ea67e755f23e328be356be311fb82dc5714ee88d1d98c2f6ceef2
- SSDEEP
  
  12288:jr8J66jZe9raxBOkd3vGOC1u9sH8ntaRmWWy9pCe65:jr8J66Fe9gGO26ntf
Score

1^/10
behavioral5 behavioral6 behavioral7