Overview

overview

7

Static

static

6

681b10db9f...18.apk

android-9-x86

7

681b10db9f...18.apk

android-10-x64

7

gdtadv2.apk

android-9-x86

gdtadv2.apk

android-10-x64

gdtadv2.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    681b10db9feb43c1da1cbac0a81fd195_JaffaCakes118

  • Size

    10.9MB

  • Sample

    240522-wgpjfaba2t

  • MD5

    681b10db9feb43c1da1cbac0a81fd195

  • SHA1

    25e8baa5433c2657082638d5a6abd5a735c04a4c

  • SHA256

    2fab85457935f7da9c8dfe30ba4e7faf28a38c8ef6ae56ccee4a13d115541e12

  • SHA512

    60af10603aaf31d7c8c75d3260eaa56010fd054aec64a1e7c827a4786b6065fa8a647f3ac989498900079c6c1067b702b09e4331a68fc080f28a3c6b7b435714

  • SSDEEP

    196608:rUNL7MAc/9c/Y81xrzBDDhtkOIcH2L8Dl1mFdF8d8F595O:r9lcrxvVDhtkQHFWb8d8F59w

Score
7/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      681b10db9feb43c1da1cbac0a81fd195_JaffaCakes118

    • Size

      10.9MB

    • MD5

      681b10db9feb43c1da1cbac0a81fd195

    • SHA1

      25e8baa5433c2657082638d5a6abd5a735c04a4c

    • SHA256

      2fab85457935f7da9c8dfe30ba4e7faf28a38c8ef6ae56ccee4a13d115541e12

    • SHA512

      60af10603aaf31d7c8c75d3260eaa56010fd054aec64a1e7c827a4786b6065fa8a647f3ac989498900079c6c1067b702b09e4331a68fc080f28a3c6b7b435714

    • SSDEEP

      196608:rUNL7MAc/9c/Y81xrzBDDhtkOIcH2L8Dl1mFdF8d8F595O:r9lcrxvVDhtkQHFWb8d8F59w

    Score
    7/10
    discoveryevasionpersistencecollectioncredential_accessimpact

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      185KB

    • MD5

      61d382a27900ed2d4cebdf457267f1e5

    • SHA1

      f80ad366ab26348f6a34087363ff1ca2d2d5e993

    • SHA256

      820eae192b97f58efec7165398c08125315a15bf474695fe68ff06f19c9cdd00

    • SHA512

      0dbf43014c0f4b8485e3345d6e1521485099d6e91ad585b25ce349aaff36e8c7a3db88b73d27db6fecf20dfd962b4d41708791c9a18aed39d86c05525d5c3217

    • SSDEEP

      3072:7JH59twK9nIvYAAj5P1CNiq3l4QVacCZ0eqTMeipL43j/y:7d59HJIXcYoq1BMjJ8Dy

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks