Overview

overview

10

Static

static

7

005b978129...18.apk

android-9-x86

10

PayUtils-370.apk

android-9-x86

PayUtils-370.apk

android-10-x64

PayUtils-370.apk

android-11-x64

res.apk

android-9-x86

res.apk

android-10-x64

res.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    005b978129520cd4134bd9a0bca9ab68_JaffaCakes118

  • Size

    12.7MB

  • Sample

    240426-j7l5sace5z

  • MD5

    005b978129520cd4134bd9a0bca9ab68

  • SHA1

    6e5ea567f627a35ff81e51e2b8664889d62beaf8

  • SHA256

    7d5345b0acae16235067fa8445c0d6a6936c2325d8d430de1fe274a1c1b6397b

  • SHA512

    c07b13eae02b9c3b63cf192117780e6d716c0e6d149dfa9abe9dd1b3e34cb7a0436babc966d0b9b5a2fd1d18159209fc2f4e7897cb50ecb182704fe26b2ea4b8

  • SSDEEP

    393216:N0+PfmlxjLb0toBqsQpYB5TvkkD96mwmdnUf+K8:LPfmllXYoKYBpDKm+a

Score
10/10
badmirrorandroidbankercollectiondiscoveryevasionimpactinfostealerrattrojanupx

Malware Config

Targets

    • Target

      005b978129520cd4134bd9a0bca9ab68_JaffaCakes118

    • Size

      12.7MB

    • MD5

      005b978129520cd4134bd9a0bca9ab68

    • SHA1

      6e5ea567f627a35ff81e51e2b8664889d62beaf8

    • SHA256

      7d5345b0acae16235067fa8445c0d6a6936c2325d8d430de1fe274a1c1b6397b

    • SHA512

      c07b13eae02b9c3b63cf192117780e6d716c0e6d149dfa9abe9dd1b3e34cb7a0436babc966d0b9b5a2fd1d18159209fc2f4e7897cb50ecb182704fe26b2ea4b8

    • SSDEEP

      393216:N0+PfmlxjLb0toBqsQpYB5TvkkD96mwmdnUf+K8:LPfmllXYoKYBpDKm+a

    Score
    10/10
    badmirrorbankercollectiondiscoveryevasionimpactinfostealerrattrojanupx

    • BadMirror

      BadMirror is an Android infostealer first seen in March 2016.

      trojaninfostealerratbadmirror

    • BadMirror payload

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Reads the content of SMS inbox messages.

      collection

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks if the internet connection is available

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      PayUtils-370.jar

    • Size

      101KB

    • MD5

      388bf70ea8f190597d287a05c545efa4

    • SHA1

      a45e48158b448390bf8347bff5d5a3988f229b74

    • SHA256

      87f2089001a950588d5442ebbad97ec47696fead9247008e8488ef5242ac2fc5

    • SHA512

      00a20e7c8b5dde2a41728a37816c1f89195e24824a60148c0df0a32825d48e78c68adeaabb218f0a81224c28c1f3c67418f40eb71ef6e68a40c75b028d6f35aa

    • SSDEEP

      3072:YKYEfYeaBCwiCKgqdPzQ1XA2+vyTm4nLwCJmj42K:YSAeaRlqNY+P4LvJmnK

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      res.bin

    • Size

      150KB

    • MD5

      8f990c972cac89d9955f33e48498c6f5

    • SHA1

      fdd014b9e0b0565e0bc9e6cc0d82571376311955

    • SHA256

      3fd1f02054539020039615f01f7a8c86306bbd523e32d9ef1b5caec82d154efc

    • SHA512

      d023cfb8a55e1d3252d6e564f43e8cf2e4cde0f6b6c7574b1c83ad51c44132609783c96db9965a95f3d23d53e68e4308bc77a3b285bc462bd348adb88ef21fab

    • SSDEEP

      3072:P88zGx4tnIQm8W810HoQRT2h84xfbxK4+rMBTzVHjOwdxHjS3M078eqwqPa:P85088T0HoKs8ib4Hr2P+M0DqwqPa

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Matrix

Tasks