6107f2308c6e6e94169034d8480e0999ac60ea3417f2d759a5a583f3ae7c0472 | Triage

Submit
Reports

Overview

overview

7

Static

static

6

1b35c2098d...18.apk

android-9-x86

7

com.baidu....er.apk

android-9-x86

1

com.baidu.zeus.apk

android-9-x86

com.baidu.zeus.apk

android-10-x64

com.baidu.zeus.apk

android-11-x64

midnightplugin.apk

android-9-x86

midnightplugin.apk

android-10-x64

midnightplugin.apk

android-11-x64

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

readersdkplugin.apk

android-9-x86

readersdkplugin.apk

android-10-x64

readersdkplugin.apk

android-11-x64

Sharing

General

Target

1b35c2098df022cbb8af0a5a7d656edb_JaffaCakes118
Size

7.6MB
Sample

240701-n4x54atdmk
MD5

1b35c2098df022cbb8af0a5a7d656edb
SHA1

33d003fb8e41e46883605b5ae8d4b5b6f779ffb9
SHA256

6107f2308c6e6e94169034d8480e0999ac60ea3417f2d759a5a583f3ae7c0472
SHA512

cc368f3197cdbaef59462000f8bcdc1d242ccc785b59deaf0d0355cc1c73c6f89a8c2129629b25595f5eba8a93e0d81d3cddb96fce8bb753519c4c1080b5e5cb
SSDEEP

196608:P3SpzTd0haw7IOQPPplz2CjivZ4AIN6VlsjDDjtzR4UL:PituhjFQ5lzZjiBKUlsfFR4UL

Score

7^/10

android banker collection discovery evasion impact persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1b35c2098df022cbb8af0a5a7d656edb_JaffaCakes118.apk

Resource

android-x86-arm-20240624-en

banker collection discovery evasion impact persistence

android-9-x86

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

com.baidu.browser.videoplayer.apk

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

com.baidu.zeus.apk

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

com.baidu.zeus.apk

Resource

android-x64-20240624-en

android-10-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

com.baidu.zeus.apk

Resource

android-x64-arm64-20240624-en

android-11-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

midnightplugin.apk

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

midnightplugin.apk

Resource

android-x64-20240624-en

android-10-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

midnightplugin.apk

Resource

android-x64-arm64-20240624-en

android-11-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

plugin-deploy.apk

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

plugin-deploy.apk

Resource

android-x64-20240624-en

android-10-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

plugin-deploy.apk

Resource

android-x64-arm64-20240624-en

android-11-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

readersdkplugin.apk

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

readersdkplugin.apk

Resource

android-x64-20240624-en

android-10-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

readersdkplugin.apk

Resource

android-x64-arm64-20240624-en

android-11-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b35c2098df022cbb8af0a5a7d656edb_JaffaCakes118
- Size
  
  7.6MB
- MD5
  
  1b35c2098df022cbb8af0a5a7d656edb
- SHA1
  
  33d003fb8e41e46883605b5ae8d4b5b6f779ffb9
- SHA256
  
  6107f2308c6e6e94169034d8480e0999ac60ea3417f2d759a5a583f3ae7c0472
- SHA512
  
  cc368f3197cdbaef59462000f8bcdc1d242ccc785b59deaf0d0355cc1c73c6f89a8c2129629b25595f5eba8a93e0d81d3cddb96fce8bb753519c4c1080b5e5cb
- SSDEEP
  
  196608:P3SpzTd0haw7IOQPPplz2CjivZ4AIN6VlsjDDjtzR4UL:PituhjFQ5lzZjiBKUlsfFR4UL
Score

7^/10

banker collection discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  com.baidu.browser.videoplayer.apk
- Size
  
  741KB
- MD5
  
  94a095f0a8e78d9c3c427735168cf8a9
- SHA1
  
  f45dea46ada0fafd3b7b902af790d01cac5a6531
- SHA256
  
  9ae30690dd9c08d3e76fff87adeb3f778bfc561b5ec256b2e950dad8a90cbe24
- SHA512
  
  e49c7270e89414d767d73b264c87d116067fb6f87c753a5f144b149621dc5157db381951d699cfb1d18121776ff8f02a574375c850d94a685d63e4ba843cb3cc
- SSDEEP
  
  12288:Ae3TSSo+6kCUzaw3d0N4tpyoWPEIrQT3l0RMQRd+bmYR9GCeGqsqF8pjGHJ2AP:Jro+6cS4moowT34DdIkHsJwMG
Score

1^/10
behavioral2
- Target
  
  com.baidu.zeus.jar
- Size
  
  478KB
- MD5
  
  df38c576c220eb0cbd81a3045a2133fd
- SHA1
  
  ec6743fbfa28290ff29eaa4572c5fb3e03ba6645
- SHA256
  
  7ce296acf2a8cbb17a02a9895d7d5d5a12d2b40edc16b01430bd56e89cf6f692
- SHA512
  
  6ed3a31b70f78669abef22fc0fde1915d379b5965eb7ce8cd3953c02f4c8b28ed066298e567080ab335ade26ac477b2266e92dc73ec4ce8cb02153111bf66298
- SSDEEP
  
  12288:GuH0VQqS4mTmzEggkrEXMJYeNPkwl/SZ1EZAq:dH0VO4qgHwXCDR/CEOq
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  midnightplugin.jar
- Size
  
  113KB
- MD5
  
  b504478b11be47318e20043f8ac109d9
- SHA1
  
  0278daa533b894cf9bef336824fc127e40bd8990
- SHA256
  
  35930eb5cfd5972a568b5edad2462932729ae00a46fc3ae38f03c2e5e03c5e04
- SHA512
  
  cfae45d4f928d105695b8cd8c816696ff176d8c726028efb73a645387d537b955ed8ab6afdd2261a9b3a8ff57dcfa6c6e73c59e05ee04e3cf5a3fcf836f6d4eb
- SSDEEP
  
  1536:xKoQjqi2Fa+YYkBe4eZ8Q0H4EhgHiEgyPA4zLqBd87gyntNJJZnNCDJfI8Aw:kTu4+YnBepq48GiEgd4zWYJVLNCdtAw
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  plugin-deploy.jar
- Size
  
  180KB
- MD5
  
  7d95c11e66c6b67bb3a4463122b56aaa
- SHA1
  
  56022b25dc10ef5720c4fc595e48b897b93fe299
- SHA256
  
  4e1f68ba310c0ee2eb4d4036cf5ffa26b2e4ef0a675ca6e1a7e16d3dcb1056a4
- SHA512
  
  05fa0d7212ba9c93eadf0d0e7268f5a484ed63440e7645b4bf824e7274cfd31611abee8196150b5ce5730f609f001a2c7283de6beb047f5e2bf703680ffe6da4
- SSDEEP
  
  3072:FhfZl5wTJBP6ouKgn26+kNVey55xnTQcyJnI+bR0knCvLl9zna53TdGd6spuqj:FpNwTJl6fn2B5yfxnonI+bR3CvLfznuC
Score

1^/10
behavioral10 behavioral11 behavioral9
- Target
  
  readersdkplugin.jar
- Size
  
  205KB
- MD5
  
  c1cb77542735475eae1ce31c274e3c8d
- SHA1
  
  b89b2e94c87be6ef04ce4c01415cd7899f99fddc
- SHA256
  
  c6bc57847c0261c61059812f013f6ff845783d8e838b58411ee4d3086053705c
- SHA512
  
  f92e0eb952c58aafd701b63a11bca11bbad45e26a04b9340b2312efc2d24cfabfefc16edc9fbd0a7138396d5878c02c0b42bcbf142402aa2be0053eb24656f93
- SSDEEP
  
  6144:Zoqzpd8MR+2nu7ZOymhw8suvOjHp2u2NKep:6qZniYxObEuaKep
Score

1^/10
behavioral12 behavioral13 behavioral14

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankercollectiondiscoveryevasionimpactpersistence

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

© 2018-2024

Terms | Privacy