General

  • Target

    f70462063b86e7687b5a23d6d1231774_JaffaCakes118

  • Size

    14.2MB

  • Sample

    240418-b4jaqaff22

  • MD5

    f70462063b86e7687b5a23d6d1231774

  • SHA1

    ef0dafa005c436915e45b39997f3f7dfd1bcf3e4

  • SHA256

    efa68208cb67add4b04365e03b9f96a4e91ec5133937f3ced6159726865674cc

  • SHA512

    c97e7c942dd98cda21808cbbe9a58d4e3022398724ec97b52c29e688b312b9bfd073bc431013e1f4f01d10854f1d6071c9953535dee47dd7e22392b85bf0bbd1

  • SSDEEP

    393216:7q05VVI+aao+T/nNvoV2OB6VTdZVRINWLTWUMA:D5VVIp7+TMVB25fCe

Malware Config

Targets

    • Target

      f70462063b86e7687b5a23d6d1231774_JaffaCakes118

    • Size

      14.2MB

    • MD5

      f70462063b86e7687b5a23d6d1231774

    • SHA1

      ef0dafa005c436915e45b39997f3f7dfd1bcf3e4

    • SHA256

      efa68208cb67add4b04365e03b9f96a4e91ec5133937f3ced6159726865674cc

    • SHA512

      c97e7c942dd98cda21808cbbe9a58d4e3022398724ec97b52c29e688b312b9bfd073bc431013e1f4f01d10854f1d6071c9953535dee47dd7e22392b85bf0bbd1

    • SSDEEP

      393216:7q05VVI+aao+T/nNvoV2OB6VTdZVRINWLTWUMA:D5VVIp7+TMVB25fCe

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Legitimate hosting services abused for malware hosting/C2

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      OnewaySdk.jar

    • Size

      91KB

    • MD5

      93aac451409c9575e8726c1ceee12458

    • SHA1

      2c431bab7c5281c8df58c96c51af8c2083c9b711

    • SHA256

      9679e085512c92eb3625f59b96379bffcea729e9f85f599c1ec5f2a5c270002f

    • SHA512

      ed773ae652b4e666f201f02863ccfac1b6274c17c625b681ef076a032ddd44d5b473f433a68c50508cf14ea2d65b43c353f04b96acf3dd747f793202cc6b267a

    • SSDEEP

      1536:RIgkV2twzM58p4KRVbWW8eT0+Kttm9L/c/wqTMsj5n28hl3sIfGyMK5Qqam:uSKpdN8SKt4tcj5rHPeLCQw

    Score
    1/10
    • Target

      gdtadv2.jar

    • Size

      1.1MB

    • MD5

      62d3210f0381703b79c016a5a475c650

    • SHA1

      d57e3810e0490f3c46c7cef1430047e640e1170f

    • SHA256

      b24e08fff96ed736f5f5751f2b5f7e5751118616f0e9557974748c8674e2d197

    • SHA512

      153dc4cee44b62ebefa59e260ddfb8c197188c17dfb8d384fb588a881b321e841b245b5e2fbb4d44ba6ca597e1a5e73b36441c6bb800fbf5a01f33d91fd98c14

    • SSDEEP

      24576:/ZrPZ3ONad/a9n3cOWPjywoGpe6LrA1kZb5wCWv1SC5+6Cmmtx/Q+b/:BrB3OcdS9n3cXywoRRqmCOSCk6At/j

    Score
    1/10
    • Target

      mimo_asset.apk

    • Size

      397KB

    • MD5

      015b93140e10348bac8bbe9c1cd26e55

    • SHA1

      96f545739c8ae213c5afbc97e1bca4ef0346a100

    • SHA256

      1891f588d5d58f90ce8ee77afc968279aef9011470ac5a172ae3066093e4a0ba

    • SHA512

      351b4fdac4cd30a81c5ae593583c7412aa931632e3fcc20062fb13c8d06c3e286bc8e8468d6d2fb753b0cf12d21e3614db38ddbc502cf0c8de1b1abfd4f6a055

    • SSDEEP

      6144:z2TyBIPqGJXEmSogt05H3PgADV+aFSs36m+z110g+NrQwDEjAQ8wgKtiLnkt:z7BIiS0OpH/trcsqmU10g+LDEG5KOkt

    Score
    1/10

MITRE ATT&CK Matrix

Tasks