General

  • Target

    661f16dc1e0ca5a7bba67a796d7937ac_JaffaCakes118

  • Size

    28.7MB

  • Sample

    240522-fxrqqsda68

  • MD5

    661f16dc1e0ca5a7bba67a796d7937ac

  • SHA1

    e9b70ad7563d8034e425dd5b2af5e10b8f23d0f9

  • SHA256

    96a93b415e4befda3b902df8362b066bd2e2bd730bac3030f093242607af2088

  • SHA512

    f66a71111ce9439fa423f660a4efb9e8a68dba0552d5f854a0549b169163b03acb9c75144d63798ed9baf721b5a2ea423e9397b73da6d9fc728b83eb57bf3673

  • SSDEEP

    786432:D4qUQNl7XCVFEEaRVi+T7KNrSJSAw99VsBgNoHub2t1:c07X0a/j0OcAw5s0OW2t1

Malware Config

Targets

    • Target

      661f16dc1e0ca5a7bba67a796d7937ac_JaffaCakes118

    • Size

      28.7MB

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Target

      UPPayPluginEx.apk

    • Size

      682KB

    • MD5

      189e4cbee3d387b620ee3658493bff10

    • SHA1

      c553777745915ab9faf2a69036052bf75ff3aea9

    • SHA256

      9443936537a52b2194ed1af22099484d9f3af7ac1df5abf550cf4e68c55e1a6a

    • SHA512

      1db2912d44ad26af4b913acc1f602c535cc220e58d780f5f2a60bb00585ebb96e664a96f88cf72d5e2246e536e7b704c9ae90d908edabceaf8add8b4d9dc0e31

    • SSDEEP

      12288:HKeuG5BeFpMDpppppp9tySFI6Yz8IqjwRTgk2C8FbnF/FXMyq272ToDvd0cLEim0:HKhGDuiDppppppXyS6z8BjzcI55aTM20

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks