96fb8b8d23e69239bf2ce04b6dc122c476e7b20d735aa24cff153803cfc4c6f4 | Triage

Submit
Reports

Overview

overview

8

Static

static

6

55259564c9...18.apk

android-9-x86

8

55259564c9...18.apk

android-10-x64

8

55259564c9...18.apk

android-11-x64

8

Sharing

General

Target

55259564c9321d32b249c4afd162eefd_JaffaCakes118
Size

7.3MB
Sample

240518-rmgcssfd6x
MD5

55259564c9321d32b249c4afd162eefd
SHA1

14d85319652f9047cd4dd2569a78bbf9c81b2709
SHA256

96fb8b8d23e69239bf2ce04b6dc122c476e7b20d735aa24cff153803cfc4c6f4
SHA512

0cf0611bb8b73ad6e74c12c96a1333d9161ee48e12bf3c17c5df0deb7ad96d4bf9acac8897ca9cfa6e8ee14c2fa1671003638490e558a434ef3226beac3887b1
SSDEEP

98304:vk0L5nCNdy3W4T7rUivk6TaHohd7tz1kgfOuIx2A7/8ds:vk0lygdPUivk8iohdrsx2G/os

Score

8^/10

android discovery evasion persistence stealth trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk

Resource

android-x86-arm-20240514-en

discovery evasion persistence stealth trojan

android-9-x86

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk

Resource

android-x64-20240514-en

discovery evasion persistence stealth trojan

android-10-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk

Resource

android-x64-arm64-20240514-en

discovery evasion persistence stealth trojan

android-11-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  55259564c9321d32b249c4afd162eefd_JaffaCakes118
- Size
  
  7.3MB
- MD5
  
  55259564c9321d32b249c4afd162eefd
- SHA1
  
  14d85319652f9047cd4dd2569a78bbf9c81b2709
- SHA256
  
  96fb8b8d23e69239bf2ce04b6dc122c476e7b20d735aa24cff153803cfc4c6f4
- SHA512
  
  0cf0611bb8b73ad6e74c12c96a1333d9161ee48e12bf3c17c5df0deb7ad96d4bf9acac8897ca9cfa6e8ee14c2fa1671003638490e558a434ef3226beac3887b1
- SSDEEP
  
  98304:vk0L5nCNdy3W4T7rUivk6TaHohd7tz1kgfOuIx2A7/8ds:vk0lygdPUivk8iohdrsx2G/os
Score

8^/10

discovery evasion persistence stealth trojan
- Checks if the Android device is rooted.
  evasion
- Removes its main activity from the application launcher
  stealth trojan evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionpersistencestealthtrojan

behavioral2

discoveryevasionpersistencestealthtrojan

behavioral3

discoveryevasionpersistencestealthtrojan

© 2018-2024

Terms | Privacy