Overview

overview

8

Static

static

6

fa521e2863...18.apk

android-9-x86

7

fa521e2863...18.apk

android-13-x64

8

gdtadv2.apk

android-9-x86

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa521e2863cfe1a3b99328b3ed0d1a60_JaffaCakes118

  • Size

    14.8MB

  • Sample

    240419-py2rrsdg6t

  • MD5

    fa521e2863cfe1a3b99328b3ed0d1a60

  • SHA1

    3d44ae9e2f88d7a21a29f1a26c2312c46d10cc7d

  • SHA256

    43a8ba4194435542bf4daaa32f326cac64c0d8142e6e4bd82a3af0fcd788499f

  • SHA512

    c1b5298138fececbbaf4ad6b9089077092e542b1b0c41e6fcf46f4905a31f4dc910c41ac4d8893af7e5390724fb7a763cf32f51a01687e26cf4be73b0f63906c

  • SSDEEP

    393216:5q05W6aPl9z55w7ZxdcuNTzWSE+1sVeqKF7LWDZAW:R5W/l9Xk68PWMgebaAW

Score
8/10
androidcollectiondiscoveryevasion

Malware Config

Targets

    • Target

      fa521e2863cfe1a3b99328b3ed0d1a60_JaffaCakes118

    • Size

      14.8MB

    • MD5

      fa521e2863cfe1a3b99328b3ed0d1a60

    • SHA1

      3d44ae9e2f88d7a21a29f1a26c2312c46d10cc7d

    • SHA256

      43a8ba4194435542bf4daaa32f326cac64c0d8142e6e4bd82a3af0fcd788499f

    • SHA512

      c1b5298138fececbbaf4ad6b9089077092e542b1b0c41e6fcf46f4905a31f4dc910c41ac4d8893af7e5390724fb7a763cf32f51a01687e26cf4be73b0f63906c

    • SSDEEP

      393216:5q05W6aPl9z55w7ZxdcuNTzWSE+1sVeqKF7LWDZAW:R5W/l9Xk68PWMgebaAW

    Score
    8/10
    discoveryevasioncollection

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      1.1MB

    • MD5

      62d3210f0381703b79c016a5a475c650

    • SHA1

      d57e3810e0490f3c46c7cef1430047e640e1170f

    • SHA256

      b24e08fff96ed736f5f5751f2b5f7e5751118616f0e9557974748c8674e2d197

    • SHA512

      153dc4cee44b62ebefa59e260ddfb8c197188c17dfb8d384fb588a881b321e841b245b5e2fbb4d44ba6ca597e1a5e73b36441c6bb800fbf5a01f33d91fd98c14

    • SSDEEP

      24576:/ZrPZ3ONad/a9n3cOWPjywoGpe6LrA1kZb5wCWv1SC5+6Cmmtx/Q+b/:BrB3OcdS9n3cXywoRRqmCOSCk6At/j

    Score
    1/10
    behavioral3

MITRE ATT&CK Mobile v15

Tasks