Overview

overview

7

Static

static

6

05076f70c9...18.apk

android-9-x86

7

05076f70c9...18.apk

android-10-x64

7

gdtad.apk

android-9-x86

gdtad.apk

android-10-x64

gdtad.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    05076f70c9d5bc0482e238621b0aad5a_JaffaCakes118

  • Size

    31.4MB

  • Sample

    240428-mzqd1sea66

  • MD5

    05076f70c9d5bc0482e238621b0aad5a

  • SHA1

    5c968b9f856d19f15479df5c82548d1a0fe9bf90

  • SHA256

    b8b72e1229be3b0a6d5011876fa8e8c5bd6d740d55e3e11f2ebc42840847a33b

  • SHA512

    8cd5e6564d2cf2b22a82444166899ec6d8ed89876c66fc98261ee20d1d7ccbecaa9362577b71bf4f9fed4b717b15b5932f8b0d1518b4cb13c169062c3bb70aad

  • SSDEEP

    786432:9hiOtKgpy7W4qEnJTl2FriTvQxNLYJKtZUFpuAeiGH5lj:9YOtLyy4qKJTKXLYsMXuRZ9

Score
7/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      05076f70c9d5bc0482e238621b0aad5a_JaffaCakes118

    • Size

      31.4MB

    • MD5

      05076f70c9d5bc0482e238621b0aad5a

    • SHA1

      5c968b9f856d19f15479df5c82548d1a0fe9bf90

    • SHA256

      b8b72e1229be3b0a6d5011876fa8e8c5bd6d740d55e3e11f2ebc42840847a33b

    • SHA512

      8cd5e6564d2cf2b22a82444166899ec6d8ed89876c66fc98261ee20d1d7ccbecaa9362577b71bf4f9fed4b717b15b5932f8b0d1518b4cb13c169062c3bb70aad

    • SSDEEP

      786432:9hiOtKgpy7W4qEnJTl2FriTvQxNLYJKtZUFpuAeiGH5lj:9YOtLyy4qKJTKXLYsMXuRZ9

    Score
    7/10
    collectiondiscoveryevasionimpactpersistencecredential_access

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

      collection

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Acquires the wake lock

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      gdtad.jar

    • Size

      67KB

    • MD5

      1a622976099d557a9a1004ba35944fbd

    • SHA1

      72f03529a1b11b20334b60c3f292efdb21c94425

    • SHA256

      ee56e4e5315a63852ac4779d485b6eacdae33835268f924929327d037f7a0511

    • SHA512

      ff16f9b5565d1f3c31c259f93c5c5b7b6bc5ae7a97c5f286ce05c7b84b3fe0c7437bc5b13258fc92f48b8c7da525f4ba1bbf00c1294dd0eef5da4771d5b3fed7

    • SSDEEP

      1536:m8tLJUoSJepLDbTugbT1c8Qbm1oSCbjgDKgU1eMzKEP:m8F2ocELDbTTcNsoPk3idPP

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks