Overview

overview

10

Static

static

10

69b39bcec3...18.apk

android-9-x86

8

__xadsdk__...__.apk

android-9-x86

__xadsdk__...__.apk

android-10-x64

__xadsdk__...__.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69b39bcec3e9b339d75c456b36219c77_JaffaCakes118

  • Size

    7.5MB

  • Sample

    240523-ev5zxadf72

  • MD5

    69b39bcec3e9b339d75c456b36219c77

  • SHA1

    86292df54e731a9732e39dd026651535b929b413

  • SHA256

    8cd8281a046de3edc40dc24776472db92ad7653a5c3fe6bebefade070c61bf2a

  • SHA512

    6db0b87bbe15b4ec428cf380bc5e958581ccbaef446c586510916b83de0c5d94bb7e622fab327ccb636ec7620f395991a1fdbb6c58f795ad033cdfbf2bad208a

  • SSDEEP

    196608:Pe6ubzaezJ3Ap+NaoeQS06HQ5QU2dTQ6Q4YbUP3VL8Rue3E3PzjhUQoC:mvbzXtwpfoSfQ4YYP3VyE3PzV5oC

Score
10/10
jokerandroiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      69b39bcec3e9b339d75c456b36219c77_JaffaCakes118

    • Size

      7.5MB

    • MD5

      69b39bcec3e9b339d75c456b36219c77

    • SHA1

      86292df54e731a9732e39dd026651535b929b413

    • SHA256

      8cd8281a046de3edc40dc24776472db92ad7653a5c3fe6bebefade070c61bf2a

    • SHA512

      6db0b87bbe15b4ec428cf380bc5e958581ccbaef446c586510916b83de0c5d94bb7e622fab327ccb636ec7620f395991a1fdbb6c58f795ad033cdfbf2bad208a

    • SSDEEP

      196608:Pe6ubzaezJ3Ap+NaoeQS06HQ5QU2dTQ6Q4YbUP3VL8Rue3E3PzjhUQoC:mvbzXtwpfoSfQ4YYP3VyE3PzV5oC

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks Android system properties for emulator presence.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      __xadsdk__remote__final__.jar

    • Size

      65KB

    • MD5

      c83d02f3a965454b9d106beb5a111125

    • SHA1

      820f68024d29e40902a2ef041293b72de6f21202

    • SHA256

      39c93a5a72961e4664686f7a7ee10b82af182d1ea00ab188d99479f9b3d1a063

    • SHA512

      b9db74d0a9ecee9d70c9dad171199397d795836e0adc890c2ea37649274a42a56e67c8c901328f7c1d234e831f4d2e943d2c6e5c47043cda7f360a27a6b30442

    • SSDEEP

      1536:e/hsDoPAjTjYtsCO8MtccgEoH0KikQ4Mm1Zs:NjNn8+ol0KXTMm1q

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks