Overview

overview

8

Static

static

1

57ec1dcfd2...18.apk

android-9-x86

8

57ec1dcfd2...18.apk

android-10-x64

8

57ec1dcfd2...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    57ec1dcfd28d9c98814767636ed81540_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240519-b17txabg98

  • MD5

    57ec1dcfd28d9c98814767636ed81540

  • SHA1

    9f742d1c784147cec66cd2291ba100b4ad6ee1f2

  • SHA256

    27e9e232c515693f9d97c999b6de1f047caee952ba3390f6d4bae85902d56705

  • SHA512

    76ba55424b13716856c66d9a5d0a08f27803987f70102f7de428596d8ab3b495e0d7481961e49a2317cbcd5cbcf4b627ca38acafb660cb4a7df99a1e2ce23ec9

  • SSDEEP

    24576:y+ERmdINfj73sE0mE7Yu4lqWEtnuMKOsCS46shzEZpgl5rdFo9Pu98LLUMQXen1n:y6IKmBuSVEtnuXVsh4ZUtXZ0QC73Zdz

Score
8/10
androidcollectioncredential_accessdiscoveryevasionexecutionimpactpersistencestealthtrojan

Malware Config

Targets

    • Target

      57ec1dcfd28d9c98814767636ed81540_JaffaCakes118

    • Size

      2.0MB

    • MD5

      57ec1dcfd28d9c98814767636ed81540

    • SHA1

      9f742d1c784147cec66cd2291ba100b4ad6ee1f2

    • SHA256

      27e9e232c515693f9d97c999b6de1f047caee952ba3390f6d4bae85902d56705

    • SHA512

      76ba55424b13716856c66d9a5d0a08f27803987f70102f7de428596d8ab3b495e0d7481961e49a2317cbcd5cbcf4b627ca38acafb660cb4a7df99a1e2ce23ec9

    • SSDEEP

      24576:y+ERmdINfj73sE0mE7Yu4lqWEtnuMKOsCS46shzEZpgl5rdFo9Pu98LLUMQXen1n:y6IKmBuSVEtnuXVsh4ZUtXZ0QC73Zdz

    Score
    8/10
    discoveryevasionexecutionpersistencestealthtrojancollectioncredential_accessimpact

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

      executionpersistence
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks