General

  • Target

    f768d83fcba4617a08616a9365c30728_JaffaCakes118

  • Size

    8.3MB

  • Sample

    240418-gr6hdaee3x

  • MD5

    f768d83fcba4617a08616a9365c30728

  • SHA1

    504268bf8888b42045d00e18329a6b4563083dd9

  • SHA256

    821ce1b337fb6a9ab20dba9ca38369a6c8592f0b1c7984de731e8113f3359949

  • SHA512

    35371bd36f11ea3354c577ea17efb7423a6bf65abe423b7f550811f24bda273c665a47d12ba63f1d217cb59d845a3d29e86aed297dd758ecbbc8507106b9f706

  • SSDEEP

    196608:aUtbwPTUdsN6Y0B5Ck/VsVTHMjKqXbp6NDFJzh1HVW06EQ14E7MkBOvv5tR:a4ela5Ck/VsVTxEb0Nhp7xdQ14ENOh

Malware Config

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Acquires the wake lock

    • Reads information about phone network operator.

    • Checks the presence of a debugger

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks