Overview

overview

8

Static

static

6

02fd47ba4e...18.apk

android-9-x86

8

02fd47ba4e...18.apk

android-10-x64

8

alipay_msp.apk

android-9-x86

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    02fd47ba4e9303e4249393e4b7c9329b_JaffaCakes118

  • Size

    16.1MB

  • Sample

    240427-lyarhagg6x

  • MD5

    02fd47ba4e9303e4249393e4b7c9329b

  • SHA1

    f59b18fd904ef50b7820aee49f4199fe905c3d01

  • SHA256

    adfa5cac7a227d95101060c8d98f21d1a9cad68c41558f46a77a7305157b0b43

  • SHA512

    34f9d123cd117152e84babacd01ac46f69e7e5b0dbe065e8ff0023db3faa624918ea6e58b42370d9e6c280e310b1d427ce13779b3b1d4241bc5327b3c09a5555

  • SSDEEP

    196608:wHXJ87ztIwzcj+FTksPKgrKNl3yu9z/XAME0n7vJj6Yarqr1ij+tYTjbO8J/jf5V:yXJ0z7zM+FyUq/jrIYa2EDTjhOEJZ/L

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      02fd47ba4e9303e4249393e4b7c9329b_JaffaCakes118

    • Size

      16.1MB

    • MD5

      02fd47ba4e9303e4249393e4b7c9329b

    • SHA1

      f59b18fd904ef50b7820aee49f4199fe905c3d01

    • SHA256

      adfa5cac7a227d95101060c8d98f21d1a9cad68c41558f46a77a7305157b0b43

    • SHA512

      34f9d123cd117152e84babacd01ac46f69e7e5b0dbe065e8ff0023db3faa624918ea6e58b42370d9e6c280e310b1d427ce13779b3b1d4241bc5327b3c09a5555

    • SSDEEP

      196608:wHXJ87ztIwzcj+FTksPKgrKNl3yu9z/XAME0n7vJj6Yarqr1ij+tYTjbO8J/jf5V:yXJ0z7zM+FyUq/jrIYa2EDTjhOEJZ/L

    Score
    8/10
    bankerdiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      alipay_msp.apk

    • Size

      354KB

    • MD5

      89c04e1ebcd58eca6dd93211628ed0bc

    • SHA1

      7d1e77ce25a635299704dbd95bd95c697572ea9d

    • SHA256

      ee3c608fff51b313f4e0b3e542bedccb4d4db4c8eb44e63bf4be0d468e9ee117

    • SHA512

      3dccaeff9906401855f3071c91012926d7e9250674ea0bb89606e4862223a8343fc7b9369afe4e50031d261b45437107c018f565da5615c49721c3bf1bf6ed01

    • SSDEEP

      6144:cH8LfOo+BjGVN8TdW4zxgnm1Us3JuOK2vf5C8EcPK+WvyQcQ2fnq7:cHLxBiVN8pWggmlY25CLE8RcQ2fnq7

    Score
    8/10
    collectiondiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Checks if the internet connection is available

      discovery
    behavioral3

MITRE ATT&CK Mobile v15

Tasks