Overview

overview

8

Static

static

6

50782829ad...18.apk

android-9-x86

8

50782829ad...18.apk

android-10-x64

8

CommonPlugin-3.4.apk

android-9-x86

1

CommonPlugin-3.4.apk

android-10-x64

1

CommonPlugin-3.4.apk

android-11-x64

1

FrameworkP....0.apk

android-9-x86

1

FrameworkP....0.apk

android-10-x64

1

FrameworkP....0.apk

android-11-x64

1

WelcomePlugin-2.4.apk

android-9-x86

1

WelcomePlugin-2.4.apk

android-10-x64

1

WelcomePlugin-2.4.apk

android-11-x64

1

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    50782829adb6127099f799f794572868_JaffaCakes118

  • Size

    4.9MB

  • Sample

    240517-t82xqsha7s

  • MD5

    50782829adb6127099f799f794572868

  • SHA1

    bc1eaff041668d8015c8d3ba0eef949cccf23dd0

  • SHA256

    4499f7b775d18998fc1ae4a6851e66ebd0f51017a758f8320687a738a16c5771

  • SHA512

    ce001abf5ae76683eca6e21f908684bbc728a4d0a1cc73d17bb6bd5b5fc76321feaf3e1149f81dcb190a3f58c9ff24c3053a509073031c1ccf349f1982d631eb

  • SSDEEP

    98304:7HDcwyHRXY3osK/aHhpg1RltnGyKXHdirV2UqrE0SCqIsQgl1FesZfr7CzLLw/oi:73+1ios0aHM1R7G0rVNqrNSCxsQM1z6Y

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      50782829adb6127099f799f794572868_JaffaCakes118

    • Size

      4.9MB

    • MD5

      50782829adb6127099f799f794572868

    • SHA1

      bc1eaff041668d8015c8d3ba0eef949cccf23dd0

    • SHA256

      4499f7b775d18998fc1ae4a6851e66ebd0f51017a758f8320687a738a16c5771

    • SHA512

      ce001abf5ae76683eca6e21f908684bbc728a4d0a1cc73d17bb6bd5b5fc76321feaf3e1149f81dcb190a3f58c9ff24c3053a509073031c1ccf349f1982d631eb

    • SSDEEP

      98304:7HDcwyHRXY3osK/aHhpg1RltnGyKXHdirV2UqrE0SCqIsQgl1FesZfr7CzLLw/oi:73+1ios0aHM1R7G0rVNqrNSCxsQM1z6Y

    Score
    8/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

    • Target

      CommonPlugin-3.4.apk

    • Size

      520KB

    • MD5

      4f65990c39e69d08141ccd06b4332853

    • SHA1

      8cbc5f6d5eec55c122966bf71b2224dc616aaa95

    • SHA256

      68ea96d2934280ebd29d9124a7af726a4c33a515e47b374b4874de9d09430e33

    • SHA512

      5fecdd831dc64644606e6ee390ccf5d80b75e66686a348fb21e0034ba27bd69f3b39a1cc21e05382caf45cd979cf907e8124b30133407cdde3255413ed00bf55

    • SSDEEP

      12288:iVK31Dj9G1qLD9u1y62N93V9xZGk4o5x+/59:B1DJ6w9B1VZGk4H9

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      FrameworkPlugin-3.0.apk

    • Size

      18KB

    • MD5

      23dec9199a698f17dba2982c2a4dce53

    • SHA1

      00d2498b25d7fe4b6797ad4745d356685301cb27

    • SHA256

      7dbeddca1d878770c379ee00d5314f089423f9887b2648e5952d5a8d1575d062

    • SHA512

      5d0dfb479565871ca463e89a4a7a742afac78baa91a521e330ffc9f605f534171a68791197c64874369f4d079a6d6e537e678d799837b24be3b79fdb3f61db25

    • SSDEEP

      384:nP/UuSRfLCfkzxrqpMuMyWQ78xqUl1yVXAQv8mbrWR:UnXYpMyW1MUl0VQ5

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      WelcomePlugin-2.4.apk

    • Size

      46KB

    • MD5

      35be60f9ca95fd3591c3d6b9010e155b

    • SHA1

      dc1ef487aa399dd6a4d7620f65605eabb672f156

    • SHA256

      5d17acd8030816c8176d7fc6e779187385f2da09a0f4aea6f7e36c72048c96df

    • SHA512

      750b251244daf073a47fc3b3646ac5e4ee2b76e2e074da1d22ef3cb5ce77257500d9892375e3136e3fb7ea67a175fa09c922f2fbcf1c22d7d9ffa80e01e6c279

    • SSDEEP

      768:rGpIrXFWLKxe7X+Fu9K8xJSgn76AXxNNsqjgpYHy52Uyh1ES/RcqguoSDUsavm65:wIbgLKxe7wu7igJXXNAYHyoU7S/RcdDF

    Score
    1/10
    behavioral10behavioral11behavioral9

    • Target

      gdtadv2.jar

    • Size

      94KB

    • MD5

      89e4f38e6b9d5ec232393182419bf9be

    • SHA1

      ce5a5004c5425654a952edd0960576917b6d856e

    • SHA256

      8d8a5a37b5cafa9fbcdbc8ea4809c6587de082b22af34b28fa7875dc557a0921

    • SHA512

      15d2f743a5be853007e26d4f145cfca411c01a5d275a07eaeb177b15c2207c31814539d8a7a5610e8e52fbf344ee7d08d62102e29ef98d62e9796ff98fa69662

    • SSDEEP

      1536:An0duV/pT8w7Rvhh7x32lRCG5VuR/Zq/ue+YSi3aF8ZJemLvQGHD6z:M0Af8wNvhHmlzgNwwL8ZRLRy

    Score
    1/10
    behavioral12behavioral13behavioral14

MITRE ATT&CK Mobile v15

Tasks