Overview

overview

8

Static

static

6

f67ee2e8f0...18.apk

android-9-x86

8

f67ee2e8f0...18.apk

android-13-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    f67ee2e8f08190bf558a61e3b0f12891_JaffaCakes118

  • Size

    15.2MB

  • Sample

    240417-x35cfsch8z

  • MD5

    f67ee2e8f08190bf558a61e3b0f12891

  • SHA1

    c206b84220958a35251d98b3e275e02d74040d0b

  • SHA256

    dd8ac1c2cdbc72bc1ba84efb3ea207cc9317680a7b05452217d2aa2c60584b12

  • SHA512

    d1b9833a6d4fe8edb608bd69aeaecd1618b198930f55e38c1fa8160b298f44cdbb65f6e73cd40003926b0420199c125b09f75298a306730b991cedb9d98dc1aa

  • SSDEEP

    196608:FTogZC/Zd1ipgZ0nBx/gZDad8MrJ+c4GTYaiHwjMUzD5FuzfJWvUFmmPta6PeycN:Jpe1iuZSjgZsN6GriHiz1FHQDzDc5Khu

Score
8/10
androidcollectiondiscoveryevasion

Malware Config

Targets

    • Target

      f67ee2e8f08190bf558a61e3b0f12891_JaffaCakes118

    • Size

      15.2MB

    • MD5

      f67ee2e8f08190bf558a61e3b0f12891

    • SHA1

      c206b84220958a35251d98b3e275e02d74040d0b

    • SHA256

      dd8ac1c2cdbc72bc1ba84efb3ea207cc9317680a7b05452217d2aa2c60584b12

    • SHA512

      d1b9833a6d4fe8edb608bd69aeaecd1618b198930f55e38c1fa8160b298f44cdbb65f6e73cd40003926b0420199c125b09f75298a306730b991cedb9d98dc1aa

    • SSDEEP

      196608:FTogZC/Zd1ipgZ0nBx/gZDad8MrJ+c4GTYaiHwjMUzD5FuzfJWvUFmmPta6PeycN:Jpe1iuZSjgZsN6GriHiz1FHQDzDc5Khu

    Score
    8/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks