Overview

overview

8

Static

static

6

f8b14c2da9...18.apk

android-9-x86

8

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

sdk.apk

android-9-x86

sdk.apk

android-10-x64

sdk.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8b14c2da97126764da1d756e0bde38e_JaffaCakes118

  • Size

    6.5MB

  • Sample

    240418-zdc8saec25

  • MD5

    f8b14c2da97126764da1d756e0bde38e

  • SHA1

    2898e22b4b83ab557a7dad259ebfc98360c074fd

  • SHA256

    7ff9ff3cb6a7a0c4c978cdc409ccdb5e5745959a7d4bbd79488a8c063cd2531d

  • SHA512

    1199b652a0e0253fe426dfb8325eb847e048bbd915a0365ee829e22ec3e85dbbb72e517086d103d92f606df1798e86b89a8d7bfdbe45f05c61d7abcadeb2d2d4

  • SSDEEP

    196608:FWxD9y5a6oZNu0Jufk6z3pLZDGsmDokY9:ULy5GiWuft1UK

Score
8/10
androidbankercollectiondiscoveryevasion

Malware Config

Targets

    • Target

      f8b14c2da97126764da1d756e0bde38e_JaffaCakes118

    • Size

      6.5MB

    • MD5

      f8b14c2da97126764da1d756e0bde38e

    • SHA1

      2898e22b4b83ab557a7dad259ebfc98360c074fd

    • SHA256

      7ff9ff3cb6a7a0c4c978cdc409ccdb5e5745959a7d4bbd79488a8c063cd2531d

    • SHA512

      1199b652a0e0253fe426dfb8325eb847e048bbd915a0365ee829e22ec3e85dbbb72e517086d103d92f606df1798e86b89a8d7bfdbe45f05c61d7abcadeb2d2d4

    • SSDEEP

      196608:FWxD9y5a6oZNu0Jufk6z3pLZDGsmDokY9:ULy5GiWuft1UK

    Score
    8/10
    bankercollectiondiscoveryevasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      plugin-deploy.jar

    • Size

      143KB

    • MD5

      e2c47c231d27f082fd61c159aa105d75

    • SHA1

      79fcdcea972aeb2bb7f5ccdc20e8aa3ac1608395

    • SHA256

      8d4d1d443966c84fe656b33153e338e72251f21b6f18b869cad685506b6435c4

    • SHA512

      4f0cbcab419abf2ca89955c0240533bec51abe53c8364f469cf29b8822e0b9aab168dc0d78cf3ff53b4bfbcc687925d6c9e2ad8fa95f6557f30e5f4ffd3fa091

    • SSDEEP

      3072:WyHWAPxG0lraATjL12iL9mDoDjUDKRWfv+GT4ALHO7khBih:ZxGZIJ2Q9mCUDKbILHrhq

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      sdk.jar

    • Size

      287KB

    • MD5

      740f07ad36842221845000c5ee6c664d

    • SHA1

      6a538af3af93874b6e190e07a15012e622076cdc

    • SHA256

      7dc44f4f3c9a97b1776fe2cb53b6e09890267fa50e15c265af8e72c6171bbfc2

    • SHA512

      b75cb5b6715dda8993dec823895e01438df90df23ede344337122c197e4ae644357c15693bf8ae28ee66620ba3064b9e18849966275b289c21b149772e396504

    • SSDEEP

      6144:O6jP1lqsnvNS2dOydtE2npVkV68hq/mI36vhgIjN0q0AojgvDFkDe:Ou1lqalS2dRtF+68Y/YhOqCaDFT

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Matrix

Tasks