Overview

overview

10

Static

static

10

2fc6435bd7...18.apk

android-9-x86

7

RootRobot.apk

android-9-x86

1

RootRobot.apk

android-10-x64

1

RootRobot.apk

android-11-x64

1

ri.apk

android-9-x86

ri.apk

android-10-x64

ri.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2fc6435bd71cc4e52fb0526734b50000_JaffaCakes118

  • Size

    9.1MB

  • Sample

    240510-ssvcaaff65

  • MD5

    2fc6435bd71cc4e52fb0526734b50000

  • SHA1

    f034b7b93b0656a9721efeb03db7e0a596998f47

  • SHA256

    59c059af923654a57cdcabe0652daf448200d51368ffd7610d4c5a421c0ca70e

  • SHA512

    cede8419d65992ea76fc5158539784aafbe698d425c9e8d8b722389aa16a7c6792e53e20202e331b5e8b10c64459ae02992952e15d947b6e633479c840ec8617

  • SSDEEP

    196608:eytBtUOGLBNd/KexY/w2wgplItfErbjC7PxTP9nJ0biEDDNpSWwjE:eAULHdqTw8ly799nJvaPHwg

Score
10/10
pegasusandroidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      2fc6435bd71cc4e52fb0526734b50000_JaffaCakes118

    • Size

      9.1MB

    • MD5

      2fc6435bd71cc4e52fb0526734b50000

    • SHA1

      f034b7b93b0656a9721efeb03db7e0a596998f47

    • SHA256

      59c059af923654a57cdcabe0652daf448200d51368ffd7610d4c5a421c0ca70e

    • SHA512

      cede8419d65992ea76fc5158539784aafbe698d425c9e8d8b722389aa16a7c6792e53e20202e331b5e8b10c64459ae02992952e15d947b6e633479c840ec8617

    • SSDEEP

      196608:eytBtUOGLBNd/KexY/w2wgplItfErbjC7PxTP9nJ0biEDDNpSWwjE:eAULHdqTw8ly799nJvaPHwg

    Score
    7/10
    collectiondiscoveryevasionimpactpersistence

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads the contacts stored on the device.

      collection

    • Reads the content of the call log.

      collection

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery
    behavioral1

    • Target

      RootRobot

    • Size

      10KB

    • MD5

      a8932eaff21ef0f5b12212cd898f98a4

    • SHA1

      f433758b0d57312d85860f67b454bfcf8cdcfcaa

    • SHA256

      f85955930a6b8f39abeb9d9b2941a91aeba3dd51ec87c09ef0a2b207601fd416

    • SHA512

      cb5698f459e9ce90d58a4002d4158a751f721698c8891b95e91cad57c58f7a152d51faed7358cf459c8bbbe9514ce2e199f18021da829ddcc46a8d407ed76764

    • SSDEEP

      192:Xiga6QV8zsm40cpgLEeslYSmG0Cu18LBssYM9fZhufDf9KweF/:X/apSzz4CFslYSmGEcX3fZIf9K3

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      ri.jar

    • Size

      30KB

    • MD5

      e01c0945d20440b09f95db522986c824

    • SHA1

      5cc475a349dfefeb8dae1c7edb9ec79d5206f8ef

    • SHA256

      342392afc89e62c3f494785dbd8534a850696ff906e2a324ddea254f3fc5681f

    • SHA512

      047e8cc6f33c31327b31f619bf7c99d6bcf915d81c04c8fd0a1ab655ea79b3451335528871252852681ea5d0e97302238ea2c93d10da53e61e4bffbd8be03f26

    • SSDEEP

      768:0CRBlxbBAnEpMIapAk56Ez3MwxqzwR39svU1uu:0CRfxbWEmIaek56EQnKtsEuu

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Mobile v15

Tasks