Overview

overview

8

Static

static

6

com.outfit...-8.apk

android-9-x86

8

com.outfit...-8.apk

android-10-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    4eca1dc2234271316505fb48edf1206d_JaffaCakes118

  • Size

    22.3MB

  • Sample

    240517-g6wxgsdf83

  • MD5

    4eca1dc2234271316505fb48edf1206d

  • SHA1

    bf33a0f1a5bd42e66c42d38baa4777d2ea356df0

  • SHA256

    cdbd27e1cd9a97088c2242956c563e1d81cde603fdaeee9e108a56bc876a1e75

  • SHA512

    7ad50f3fc6b523722bbb2905d299bcaaa68c4447f89ec048df19e792baa914a25b8a3d90dd5d0b54941d1a0bf90e906024cd0c8d08ffb1462606005bbb9cb102

  • SSDEEP

    393216:F5FfeDgvSmJ9pLrRoLcsfycJxmDTzS26Tneh4pCA/EXo4BneSFNaHy579LaQz/y:ZFvldLVkcsfNJxAHkeh4zEdzNWk7FaQW

Score
8/10
androiddiscoveryevasionpersistence

Malware Config

Targets

    • Target

      com.outfit7.tomsmessengerfree-8.apk

    • Size

      10.4MB

    • MD5

      4432d39b1327ba236bb92238fdb875dd

    • SHA1

      162a59396edc8ad84d22578855ce2d97a18c0099

    • SHA256

      95b72dcb54a7ae7feba385f6d52e9c69e08b6487d074a2e513d93e01da3efae5

    • SHA512

      071eb8a55eb675999d5198641cfd1f349b272f3815627b18d433dcfe50d61ed98074905d549fa724680ee87b08d7b5d21c6c46fb07e0998a9acfa11d23517290

    • SSDEEP

      196608:btrC3Xmb2Uqb0C849eJGJ+rpWjsn8hlwOXU7D/yvj0iRzdrz9q05UQfqimNmo/U5:xM2jqb7eJg+rpW68zw/Pav7zd9ZmPzvc

    Score
    8/10
    discoveryevasionpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks