General

  • Target

    bbdfddc05f32e4d7421e7b29dc2c2d48_JaffaCakes118

  • Size

    7.5MB

  • Sample

    240404-svt5asbc3y

  • MD5

    bbdfddc05f32e4d7421e7b29dc2c2d48

  • SHA1

    c10f45072242b16735dce7bc08b15bce72b6522a

  • SHA256

    ea391f65ae367799ab1bc162a4b8dcedb76f1da1e5595548497d943298f18682

  • SHA512

    8442866d0ba9652549883648f9e1e22d7980f2f43494fd72789934a9138fcc97ff67f3ee73288e9601597c4e5a7ecb1179c4f7acb70284aa96793383fc5fc763

  • SSDEEP

    196608:gzZeTXTF6lHf3kn1pyNUxMDWx0RiQdyjynFAL9D:g9CJp2UxYWabyj40D

Malware Config

Targets

    • Target

      bbdfddc05f32e4d7421e7b29dc2c2d48_JaffaCakes118

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Checks memory information

      Reads memory information that can indicate whether the system is an emulator rather than a physical device.

    • Loads dropped Dex/Jar

      Loads and runs a DEX/JAR file that was dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.
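
The behaviours listed above (Accessibility abuse, emulator memory checks, dynamic DEX loading, external IP lookup, operator lookup) usually leave recognisable strings in an APK's DEX string table, and a dropped second-stage DEX is often shipped as an encrypted asset. The script below is an added static triage example, not code from the sandbox or from the sample's authors: it builds a constructed APK-shaped zip in memory and scans it. The indicator patterns, the entropy threshold and the asset paths are assumptions of this example, and a real APK's binary AndroidManifest.xml is not parsed here (use apktool or androguard for that).

```python
import io
import math
import random
import re
import zipfile
from collections import Counter

# Assumed byte patterns for the behaviours named by the sandbox signatures.
# These are generic class/method names and lookup hosts, not strings
# extracted from this particular sample.
INDICATORS = {
    "accessibility_service": [
        rb"android/accessibilityservice/AccessibilityService",
        rb"BIND_ACCESSIBILITY_SERVICE",
    ],
    "emulator_memory_check": [rb"/proc/meminfo", rb"ActivityManager\$MemoryInfo"],
    "dynamic_dex_loading": [
        rb"dalvik/system/DexClassLoader",
        rb"dalvik/system/InMemoryDexClassLoader",
    ],
    "external_ip_lookup": [rb"api\.ipify\.org", rb"ip-api\.com", rb"ipinfo\.io"],
    "network_operator_read": [rb"getNetworkOperator", rb"getSimOperator"],
}

# Assumed threshold: compressed or encrypted blobs sit near 8 bits/byte.
HIGH_ENTROPY = 7.5
MIN_PAYLOAD_SIZE = 1024


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 0.0 for empty input."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def scan_apk(apk_bytes: bytes) -> dict:
    """Scan every zip entry for indicator strings and flag high-entropy
    assets that could be an encrypted dropped DEX/JAR."""
    hits = {name: [] for name in INDICATORS}
    suspicious_assets = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for info in z.infolist():
            if info.is_dir():
                continue
            blob = z.read(info.filename)
            for name, patterns in INDICATORS.items():
                if any(re.search(p, blob) for p in patterns):
                    hits[name].append(info.filename)
            in_asset_dir = info.filename.startswith(("assets/", "res/raw/"))
            if in_asset_dir and len(blob) >= MIN_PAYLOAD_SIZE:
                ent = shannon_entropy(blob)
                if ent > HIGH_ENTROPY:
                    suspicious_assets.append((info.filename, round(ent, 2)))
    return {
        "signatures": {k: v for k, v in hits.items() if v},
        "suspicious_assets": suspicious_assets,
    }


def build_sample_apk() -> bytes:
    """Constructed input: a zip laid out like an APK, with a fake classes.dex
    containing the indicator strings and a pseudo-random asset standing in
    for an encrypted second-stage payload. Not a real APK."""
    dex_strings = [
        b"Landroid/accessibilityservice/AccessibilityService;",
        b"/proc/meminfo",
        b"Ldalvik/system/DexClassLoader;",
        b"https://api.ipify.org",
        b"getNetworkOperatorName",
    ]
    fake_dex = b"dex\n035\0" + b"\0".join(dex_strings) + b"\0"
    rng = random.Random(7)  # deterministic so the result is reproducible
    payload = bytes(rng.randrange(256) for _ in range(4096))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("classes.dex", fake_dex)
        z.writestr("assets/data.bin", payload)
        z.writestr("res/raw/notes.txt", b"hello " * 200)
    return buf.getvalue()


if __name__ == "__main__":
    report = scan_apk(build_sample_apk())
    for sig, files in report["signatures"].items():
        print(f"{sig}: {', '.join(files)}")
    for path, ent in report["suspicious_assets"]:
        print(f"high-entropy asset: {path} ({ent} bits/byte)")
```

Run it against a real APK with scan_apk(open("sample.apk", "rb").read()); string hits on classes*.dex entries are the useful signal, while a high-entropy asset alone only says "go and look", since legitimate apps also ship compressed media.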

MITRE ATT&CK Mobile v15

Tasks