General

  • Target

    0d80fd995c8960f6caae96903fb04c12_JaffaCakes118

  • Size

    7.3MB

  • Sample

    240502-e4j4ssgh5v

  • MD5

    0d80fd995c8960f6caae96903fb04c12

  • SHA1

    80239deff9e5b030b629898b0df88e20606e44cd

  • SHA256

    85625f93ce3a9cfc3af32b0af9c9981349898e7c6d2140187c000ebb91514e76

  • SHA512

    ac54c4378d066f49cbb8ff5d45ee225e99b86c5d13f0bed8273b88d69354c91ed33343754ba08d5f7ec61588de90737274f37b6b996b7091d56e224f96ca8163

  • SSDEEP

    196608:LJdcDXXdLVeLkD9cadR7maWFe7417as9zT9VsEiw0+:LJdoXeVadoaWFe741Ws9z5VsEiwX

Malware Config

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks