Overview

overview

8

Static

static

6

fd583e9c21...18.apk

android-9-x86

8

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    fd583e9c21315ffcb4217133d4ea8832_JaffaCakes118

  • Size

    14.2MB

  • Sample

    240420-ww2sbaee27

  • MD5

    fd583e9c21315ffcb4217133d4ea8832

  • SHA1

    fa456c150f5c1f9d1eeb61b74acb61b973b254f7

  • SHA256

    a999a86dffb6d857f78033e647214c8a34dcb563cdc5d1061d4f660a85d328ca

  • SHA512

    738e0fbba5d11d732073489e6d1e34498acc3d18654f250fbe883d9db7833edced4486b317f0b5f3717bbe6376b5c4f6ebf5c70668f1f43f9091ea9c5dd73a1d

  • SSDEEP

    196608:nKhDmUcZFZDCNMnFvRb+Fwrumq/VV1o6Gip1jIXV5hXNim6sYPoyjzA8kFBiASES:Ksz+WrumIV1o6Z1wV576sYAozEBxn2v

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      fd583e9c21315ffcb4217133d4ea8832_JaffaCakes118

    • Size

      14.2MB

    • MD5

      fd583e9c21315ffcb4217133d4ea8832

    • SHA1

      fa456c150f5c1f9d1eeb61b74acb61b973b254f7

    • SHA256

      a999a86dffb6d857f78033e647214c8a34dcb563cdc5d1061d4f660a85d328ca

    • SHA512

      738e0fbba5d11d732073489e6d1e34498acc3d18654f250fbe883d9db7833edced4486b317f0b5f3717bbe6376b5c4f6ebf5c70668f1f43f9091ea9c5dd73a1d

    • SSDEEP

      196608:nKhDmUcZFZDCNMnFvRb+Fwrumq/VV1o6Gip1jIXV5hXNim6sYPoyjzA8kFBiASES:Ksz+WrumIV1o6Z1wV576sYAozEBxn2v

    Score
    8/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      bdxadsdk.jar

    • Size

      454KB

    • MD5

      7ea83ae891bd42c7711a8131f3c503c4

    • SHA1

      2d514aa0ef432ae6e5c4147ba9a2465da7b1e8a3

    • SHA256

      cbaecab41760f4a7e7e7a3e815c774067476e6c17126f00d2e47046146079d56

    • SHA512

      a44fe167926f4b05724381a87d3d3c7b2c2b5c441a62611dca58ebf3ec9d8e71680f392021036cdd54c56c2b60a461b921f5471cc6a997951019aebfc81b627b

    • SSDEEP

      6144:9iCYTNvMUa2k7VGVCKLZ+tZBb2ONPFmpGjQkzLC3Xnks1Yn0K4UzAUxxNCbeUxhq:e8vKLZ+tROt7kdt8U3NCbBh1LaA2

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks