Overview

overview

8

Static

static

6

f743808842...18.apk

android-9-x86

8

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

dynamic1113.apk

android-9-x86

dynamic1113.apk

android-10-x64

dynamic1113.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7438088420ada7197564daef833f184_JaffaCakes118

  • Size

    10.1MB

  • Sample

    240418-e2c8gacc2y

  • MD5

    f7438088420ada7197564daef833f184

  • SHA1

    966d1f1fdf8ffd52276c3112a108e5f89429ec0a

  • SHA256

    569f0afe44d67c20f7870e3e63007215f1249198bb39450eb305dca3a1572cb8

  • SHA512

    5f87a0133622860b981f1a86596339177d4d5f6d586c045867ea88d0bb195729b453a35bde092ffe7c87ce748aaa7c4702fb42cfe859ecd61ac5c770da4f43c4

  • SSDEEP

    196608:OOrn9iYd5YKUT4ngHiKX3FR5Hm/NMAHclPDmalSqSHoFBPNT:1hYKUqi9X1HG/NMaUbBfFBlT

Score
8/10
androidcollectiondiscoveryevasion

Malware Config

Targets

    • Target

      f7438088420ada7197564daef833f184_JaffaCakes118

    • Size

      10.1MB

    • MD5

      f7438088420ada7197564daef833f184

    • SHA1

      966d1f1fdf8ffd52276c3112a108e5f89429ec0a

    • SHA256

      569f0afe44d67c20f7870e3e63007215f1249198bb39450eb305dca3a1572cb8

    • SHA512

      5f87a0133622860b981f1a86596339177d4d5f6d586c045867ea88d0bb195729b453a35bde092ffe7c87ce748aaa7c4702fb42cfe859ecd61ac5c770da4f43c4

    • SSDEEP

      196608:OOrn9iYd5YKUT4ngHiKX3FR5Hm/NMAHclPDmalSqSHoFBPNT:1hYKUqi9X1HG/NMaUbBfFBlT

    Score
    8/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      __xadsdk__remote__final__.jar

    • Size

      65KB

    • MD5

      c83d02f3a965454b9d106beb5a111125

    • SHA1

      820f68024d29e40902a2ef041293b72de6f21202

    • SHA256

      39c93a5a72961e4664686f7a7ee10b82af182d1ea00ab188d99479f9b3d1a063

    • SHA512

      b9db74d0a9ecee9d70c9dad171199397d795836e0adc890c2ea37649274a42a56e67c8c901328f7c1d234e831f4d2e943d2c6e5c47043cda7f360a27a6b30442

    • SSDEEP

      1536:e/hsDoPAjTjYtsCO8MtccgEoH0KikQ4Mm1Zs:NjNn8+ol0KXTMm1q

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      dynamic1113.jar

    • Size

      107KB

    • MD5

      1d058c985a5d545470fce87b64b1a0b9

    • SHA1

      6fa01ab3e5ff345bce31b46e527f25456bb213f1

    • SHA256

      55f93eb4751229b1f2892370d010126cd180b1820c0458f0663e8ee24a47a143

    • SHA512

      03518a9b4feec14e6d42ff42e4e59fe99d19dea210cb8fc25705c7d1749176cb67f7e77fe45c2be71801aa46972ae024df5d8c3a3885c1db8347b1d036a2577d

    • SSDEEP

      3072:ecKj5TN8IID/UfQe5gJSQpHOWzVymPOs2+a:2j5Tl68fCDAW4aOsK

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Matrix

Tasks