General

  • Target

    66d009b47bcae4402f92b6dbd06815e2_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240522-lkn2zaah41

  • MD5

    66d009b47bcae4402f92b6dbd06815e2

  • SHA1

    4add0e894c8b465615c0b82f95066745c99fe885

  • SHA256

    a17894f1f8f612a1518ffec42df26d0aeafa5114811441c920baade5bca040ec

  • SHA512

    b8d19a197e6870f9ed1d5534817c20cfd5c9b54e967f8c56eda7eacb42323060308c78157c14d6987be1e1af36842067d2ecbda5a716e6e0b97ee8320812bdb0

  • SSDEEP

    49152:eb4a2A91dj+ht4LEiqlxLLEFXEahz4UGFzqeQrx2KnOaqrr:epr1djOmLEiKLchc7tAV2jrr

Malware Config

Targets

    • Target

      66d009b47bcae4402f92b6dbd06815e2_JaffaCakes118

    • Size

      2.1MB

    • MD5

      66d009b47bcae4402f92b6dbd06815e2

    • SHA1

      4add0e894c8b465615c0b82f95066745c99fe885

    • SHA256

      a17894f1f8f612a1518ffec42df26d0aeafa5114811441c920baade5bca040ec

    • SHA512

      b8d19a197e6870f9ed1d5534817c20cfd5c9b54e967f8c56eda7eacb42323060308c78157c14d6987be1e1af36842067d2ecbda5a716e6e0b97ee8320812bdb0

    • SSDEEP

      49152:eb4a2A91dj+ht4LEiqlxLLEFXEahz4UGFzqeQrx2KnOaqrr:epr1djOmLEiKLchc7tAV2jrr

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads device software version

      Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).

    • Reads information about the phone network operator

    • Target

      plugin-deploy.jar

    • Size

      141KB

    • MD5

      9f4bbcd28bcd69e8bc4ce666a14ab362

    • SHA1

      0919eb3d9a4cc4dc494a9ba983120d50caee373a

    • SHA256

      9936759227ab2008f8fc16cc08b04b3a8e394260dbb6f75f176457d2b0539c1c

    • SHA512

      2c40138dc94f1b0483f0c7203c9e7c29118f21b475bfea875a1214feb2b9e79e75243a45dfcfe431065c9e9a9cfaaa43b152c68cd8e372b31e6a31eb3bc77487

    • SSDEEP

      3072:K9FFjFj1v+/d3wzw+K9hKF717GIGKaPtFBtlSuoSBCx5sA1P3+TbS:8VtGA8+Kf2lGIG5FDSICxyjTbS

    Score
    1/10

MITRE ATT&CK Matrix

Tasks