General

  • Target

    6919869580e4ae4023b9f69cef59acf9_JaffaCakes118

  • Size

    11.3MB

  • Sample

    240523-ag3keaec5y

  • MD5

    6919869580e4ae4023b9f69cef59acf9

  • SHA1

    bc8bfa0ae5b3fc2a726e484e6a2abf6b9d4e0034

  • SHA256

    304ebc227163b6de2f6c60006340bd588ab1297bd6d642bdde44bb0208a0861c

  • SHA512

    dbc4fde68236933469288cec25af22a1d4a3d1b40c5d46d94e03628a45293ed3d76bd2811f6967a5368498f4ea747216300c3cb3ccf0d26489c0ae22469d33c8

  • SSDEEP

    196608:ruKkfY2xIbu+VPtbdCqadsNEebsCZsY9PgTGDGjMTG2fL8Eih:lkfjIuIFdCdsCYvRYbeG9Eih

Targets

    • Target

      6919869580e4ae4023b9f69cef59acf9_JaffaCakes118

    • Size

      11.3MB

    • MD5

      6919869580e4ae4023b9f69cef59acf9

    • SHA1

      bc8bfa0ae5b3fc2a726e484e6a2abf6b9d4e0034

    • SHA256

      304ebc227163b6de2f6c60006340bd588ab1297bd6d642bdde44bb0208a0861c

    • SHA512

      dbc4fde68236933469288cec25af22a1d4a3d1b40c5d46d94e03628a45293ed3d76bd2811f6967a5368498f4ea747216300c3cb3ccf0d26489c0ae22469d33c8

    • SSDEEP

      196608:ruKkfY2xIbu+VPtbdCqadsNEebsCZsY9PgTGDGjMTG2fL8Eih:lkfjIuIFdCdsCYvRYbeG9Eih

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information, which can indicate whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Target

      CommonPlugin-2.6.apk

    • Size

      623KB

    • MD5

      78ec277dd7d5058856aa031883b722d1

    • SHA1

      8fe56ebe721bf2a53e52f4f7c2da269bfd0a948e

    • SHA256

      575660343f31c0038212b3ea49816b52ae95456ca0c2ea0a6f6d16eae541ee73

    • SHA512

      f20cd321975d764730970d3651e4ef19de37e9e7ec89ed09b38ff2c11342685e76d925b4b1970e4dd5693cb1b0d474e5fabebfc5e640402d0fa15f2515894611

    • SSDEEP

      12288:wJc4XShjGM0UUT54ScHmlHxbyOMwGsCqLtdcpH1DYUn:wzShSTaSPWOb35cHhn

    • Score

      1/10

    • Target

      FeedPlugin-1.2.apk

    • Size

      40KB

    • MD5

      cfdf729f1cf795b06071f216acf114b1

    • SHA1

      91188427b3bc89ad56568c09284e579c3ad06aef

    • SHA256

      978aafd34a5798d1cc3c8681461fa78ac02313dedbcb9fdb8b7985e598033598

    • SHA512

      8f12c435855c6365c74cee94da04ce91d7e71a78c8b85e319d60e3d6747bf275860695d46021d0ad60951140bf38cb44bd687f37d2550613482e393e7c980474

    • SSDEEP

      768:4q/aoVdCkhB8KUnBZzuE/RNVd47hBPEOVfF30Vxw5tzthf:4q/TQkhB/gUEZNSX16Snphf

    • Score

      1/10

    • Target

      FrameworkPlugin-2.3.apk

    • Size

      17KB

    • MD5

      6393ef1ee424db0d146ff45727831591

    • SHA1

      a68443910e562178c5802b433291089a7f46fa7a

    • SHA256

      6e133bfcbc45d0514d56896daf4ceca3464d77f9b0449e03aaf624a5351d072c

    • SHA512

      f5e4d339e1ef91e579134dcb96ea985de011030b9accc9603c23fb058975b2911db60caede7f0e79bdea03780b20e5bdea99549803ac60b2ae0283769e0847e2

    • SSDEEP

      384:wd3UpbSRFJ43AQ6SLV3joXYffg3zNQruDdsCvG+vjzu:FOFJ43PLtUXyfkzSrws6rvjy

    • Score

      1/10

    • Target

      TAEPlugin-1.3.apk

    • Size

      795KB

    • MD5

      7dcde0d7667ca2337b143271d4c9e512

    • SHA1

      ce6d164359123388b9945c0cedbc714cb334a999

    • SHA256

      672ae7a097c7989c7ae459da4facda65c85176be7de2ac77e6110cb2c97a5911

    • SHA512

      e04d177b04d0a23728db5d378aab3aedd999a35ae26c6e89f168fd7ea8e96a07f074d00b6d470eaeeb36bd2e3b4525ff01f85d67302e3684cbec35a4b0edc7ce

    • SSDEEP

      24576:QDECqYe1jMV2ZDDUDBhyIBXt0KSk1IT3De9:QDqVMV25wee9jbGze9

    • Score

      1/10
