Overview

overview

8

Static

static

6

6c729ecaf3...18.apk

android-9-x86

8

6c729ecaf3...18.apk

android-11-x64

8

xq_skin_blue.apk

android-9-x86

1

xq_skin_blue.apk

android-10-x64

1

xq_skin_blue.apk

android-11-x64

1

xq_skin_orange.apk

android-9-x86

1

xq_skin_orange.apk

android-10-x64

1

xq_skin_orange.apk

android-11-x64

1

xq_skin_pink.apk

android-9-x86

1

xq_skin_pink.apk

android-10-x64

1

xq_skin_pink.apk

android-11-x64

1

xq_skin_red.apk

android-9-x86

1

xq_skin_red.apk

android-10-x64

1

xq_skin_red.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c729ecaf3a1413cbce2cbfec9159014_JaffaCakes118

  • Size

    11.0MB

  • Sample

    240523-2amn6abb7t

  • MD5

    6c729ecaf3a1413cbce2cbfec9159014

  • SHA1

    5f9b43b8228bbbff6e7891785eafa53f77db424e

  • SHA256

    084d7d0f0f3c8378127fc27e4fa104f64c4ccbe46890718a6835fd3dfc012fc0

  • SHA512

    77c7bd7ec44ebf81972eb000f3dce38991548d04d3c74423fbddecab1a42ee233319e12b53230bbeb366052669da2b6480c0b8d170969b8cba01a70ac4d64308

  • SSDEEP

    196608:CmdJifUPeu1S18Hm9Oh3G5lV7ejQAQ1n6AA+tQ4IgIKl6iUobxJBOobxJ2L:tdJioMgV0l9ejQAQNA4ZINKgGZJOL

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      6c729ecaf3a1413cbce2cbfec9159014_JaffaCakes118

    • Size

      11.0MB

    • MD5

      6c729ecaf3a1413cbce2cbfec9159014

    • SHA1

      5f9b43b8228bbbff6e7891785eafa53f77db424e

    • SHA256

      084d7d0f0f3c8378127fc27e4fa104f64c4ccbe46890718a6835fd3dfc012fc0

    • SHA512

      77c7bd7ec44ebf81972eb000f3dce38991548d04d3c74423fbddecab1a42ee233319e12b53230bbeb366052669da2b6480c0b8d170969b8cba01a70ac4d64308

    • SSDEEP

      196608:CmdJifUPeu1S18Hm9Oh3G5lV7ejQAQ1n6AA+tQ4IgIKl6iUobxJBOobxJ2L:tdJioMgV0l9ejQAQNA4ZINKgGZJOL

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      xq_skin_blue.zip

    • Size

      241KB

    • MD5

      8bc2a1930298bd559fccd51e4848dedb

    • SHA1

      4baed190ab302fef22faf1d9d82f1e10ef34d4a1

    • SHA256

      e4a0d2f9183e23a410eff9ad58a8165e2cae1822601ad547d00f453c7d92be41

    • SHA512

      9e84e817457d338ba7b87e63d7e788b910ca8fe1433fae8cdcc27d6fbe828b12df4a678f698b15715065488d6b4dddffaed837d3ef58219c1f1685247f5e8065

    • SSDEEP

      3072:7hcibeflxBNupNstL2Nq15TXRzokN5lo5TRdfjkfMJJBjA5U3ww4f:FcimxBwOdzTlZ5la3kfgvz3wJf

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      xq_skin_orange.zip

    • Size

      252KB

    • MD5

      5ad0e6262b34e8799ba002deb2f0ea62

    • SHA1

      0e5cf70e3835c141d4ed6ca6fddec3b136f915e3

    • SHA256

      dbcaf8e5acbc0f6badc27ad9a841ae285e48ccefcda8bbc7a2f2ff2777311b03

    • SHA512

      17fa59aafde89c8458caadffc9cbf32028af4a1e7eaf5b693704640d4ab6d1ac8b07cf29ce081b9c7d55ce3ad0ff5e7bd5cfe8e3e88462a81b2e993bd76c8092

    • SSDEEP

      6144:NAugCYAgUiTN9+033H0w5tZxPJvUCcoNC3wbs8S:mFOgBTN9J0w5tZxPFrK

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      xq_skin_pink.zip

    • Size

      243KB

    • MD5

      6bce58e4e2c5fdfd7318585401991da7

    • SHA1

      18d98713867d7d92ebd67108e4655a3fe38dc41c

    • SHA256

      ade7a719828437732f5810244ebba0c0b0e7642eee03b1d6ea1a18dca48439a4

    • SHA512

      f6b2b64ab69d5bf81d34f560152ef9cea6bd32d0af806edf8599a7e0bcbf9013db13bbb58d086a457dbe7506c8f042d766ac03a730dbcbea510eb08971a30b25

    • SSDEEP

      3072:ldVFmhUr31fPISE+7Nvzoz9mKuZzt5pq/GkprpF1SZZoGsl3ww/a5+:H/mhMQ+7RXDZTfGb7l3w2ag

    Score
    1/10
    behavioral10behavioral11behavioral9

    • Target

      xq_skin_red.zip

    • Size

      252KB

    • MD5

      f5d8e4664717b1242e610252fb050f2a

    • SHA1

      b08d17f683c8e12328e8512e1de25a7e94a693d1

    • SHA256

      32c9071e18057c3d8affd242e40b98316a59fe52867cd8d44754efca49d86069

    • SHA512

      38756cab46644d722e6560b05107ca7e6c748bfe256a70d61053185b3a69a9f67216149d05237ee05352d1526a340330a1070ab8de5a65f60873fc7c93bd9232

    • SSDEEP

      6144:ET7ashpNp+ScqcKBxv2AaMUYSnWs3wKC+XH/:ca+HcqTR9UY11B+

    Score
    1/10
    behavioral12behavioral13behavioral14

MITRE ATT&CK Matrix

Tasks