Overview

overview

8

Static

static

6

5b9c8b4e18...18.apk

android-9-x86

7

5b9c8b4e18...18.apk

android-10-x64

7

box.apk

android-9-x86

7

box.apk

android-10-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    5b9c8b4e188fb695f7340440fd6684a4_JaffaCakes118

  • Size

    30.3MB

  • Sample

    240519-1hsppsbb84

  • MD5

    5b9c8b4e188fb695f7340440fd6684a4

  • SHA1

    40fe63eb2ef4876304c22a82c2663873fa557a47

  • SHA256

    f1cb29c925ae1c8c941f53f42507de162407122ec825e33a662430465f93b839

  • SHA512

    4d960e539ad7c7202cc5c455d6ef299da57b2f1d83805f72fd1b7a0e269fbdcf0146ee87a2b93cbd8134e52121156acf31a04df617523326f20ff5cfe6bffc67

  • SSDEEP

    786432:Buu7albd+0ZbsAEiR3QnAfc3vQDBrFOE1X3TablaiyFfdv/u8UFkaB4TdH:Uukbd+08kAnlfQd8E1X3aZmliDB4TdH

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      5b9c8b4e188fb695f7340440fd6684a4_JaffaCakes118

    • Size

      30.3MB

    • MD5

      5b9c8b4e188fb695f7340440fd6684a4

    • SHA1

      40fe63eb2ef4876304c22a82c2663873fa557a47

    • SHA256

      f1cb29c925ae1c8c941f53f42507de162407122ec825e33a662430465f93b839

    • SHA512

      4d960e539ad7c7202cc5c455d6ef299da57b2f1d83805f72fd1b7a0e269fbdcf0146ee87a2b93cbd8134e52121156acf31a04df617523326f20ff5cfe6bffc67

    • SSDEEP

      786432:Buu7albd+0ZbsAEiR3QnAfc3vQDBrFOE1X3TablaiyFfdv/u8UFkaB4TdH:Uukbd+08kAnlfQd8E1X3aZmliDB4TdH

    Score
    7/10
    evasionpersistence

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence
    behavioral1behavioral2

    • Target

      box.apk

    • Size

      7.0MB

    • MD5

      234c80631776ab147b67e72dd99d80ee

    • SHA1

      7a54c1f4bc0d5cf58a21cb2dce177851a660ab7a

    • SHA256

      64a84251f525aa4e5368b5bf4b87aec5ffa2f5907cda0005f73505c67f978280

    • SHA512

      3a22ed0f3b4ef71d5a64fb66a9d3d12c4d2dde234cf3c5640b3bb6d5929ad1b23cbba0440ceb43113331fe0e8f826297493c358c7f492e7db400cb6bc224d29b

    • SSDEEP

      98304:UAQWC295gIeXkMUaYfeNjgc70fGCgyVDo97NELpYWTS/RCVH0LZzvNcGGxpeVk/G:eq5ggaYsjgceGreDaup6RGHC1+vvG

    Score
    8/10
    discoverypersistenceevasionimpact

    • Checks if the Android device is rooted.

      evasion

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery
    behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks