Overview

overview

8

Static

static

6

f9283d2660...18.apk

android-9-x86

8

gdtadv2.apk

android-9-x86

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9283d2660faceb4cbd935bd9d60e1f8_JaffaCakes118

  • Size

    15.8MB

  • Sample

    240419-begqlada5x

  • MD5

    f9283d2660faceb4cbd935bd9d60e1f8

  • SHA1

    308f37c597f361c37d3e2589eab94e7829b2a2c0

  • SHA256

    4b624d726060fe04c5710dbfe764229ea476116941a2d7ab0e0819b78eb01eff

  • SHA512

    49e163dacac57fbcd65728d5060bafd2a01c2e52ac61183107e489b325bc77dca8a2d9fa8948b41d8eae2c3672a510a1d37626ffbfff079fa53d613b45b4374b

  • SSDEEP

    393216:pjqXRHSxvVqFEQZFFFPfGI3qWpErywqDeIe8TaAMsfwevxBn:8VxFfH4WWrtqPe8T1XwA

Score
8/10
androidcollectiondiscoveryevasion

Malware Config

Targets

    • Target

      f9283d2660faceb4cbd935bd9d60e1f8_JaffaCakes118

    • Size

      15.8MB

    • MD5

      f9283d2660faceb4cbd935bd9d60e1f8

    • SHA1

      308f37c597f361c37d3e2589eab94e7829b2a2c0

    • SHA256

      4b624d726060fe04c5710dbfe764229ea476116941a2d7ab0e0819b78eb01eff

    • SHA512

      49e163dacac57fbcd65728d5060bafd2a01c2e52ac61183107e489b325bc77dca8a2d9fa8948b41d8eae2c3672a510a1d37626ffbfff079fa53d613b45b4374b

    • SSDEEP

      393216:pjqXRHSxvVqFEQZFFFPfGI3qWpErywqDeIe8TaAMsfwevxBn:8VxFfH4WWrtqPe8T1XwA

    Score
    8/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks.

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      gdtadv2.jar

    • Size

      420KB

    • MD5

      f0ee7f7dd1ef4e5cd436ed6e1c609e5a

    • SHA1

      7d112abb7896294b075721b0200f0812ed65a418

    • SHA256

      0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369

    • SHA512

      5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be

    • SSDEEP

      6144:mQCx8Rp2KiQB/B4Qfdw3Vr/+rwWTLAUq3PwB32k59CruFIBSSAOC8hkIwx:ok/z/BJfdUW8W8ho4k59tSaOCckIS

    Score
    1/10
    behavioral2

MITRE ATT&CK Mobile v15

Tasks