ad6aab977374b179d0af9ba5cbbeca3fc53bf1c19e38fbd22fdddd92d8796fe0 | Triage

Submit
Reports

Overview

overview

8

Static

static

6

6bda0ce655...18.apk

android-9-x86

8

6bda0ce655...18.apk

android-13-x64

Sharing

General

Target

6bda0ce655979c3e48191675af6cadbd_JaffaCakes118
Size

1.8MB
Sample

240523-wz7gzabg23
MD5

6bda0ce655979c3e48191675af6cadbd
SHA1

7047f48d621184e0619ebc89c5a6174ee1d92b5d
SHA256

ad6aab977374b179d0af9ba5cbbeca3fc53bf1c19e38fbd22fdddd92d8796fe0
SHA512

ff7ea0c8efe735f85513f292e37543f0479f6ae45f129fbeb5b259f0116bbdb4a18b1f4a24659e80049444805f7f562f630c6d9730662a9db985c3156d62388b
SSDEEP

49152:HHYQX4bBirCAslxTBv2SoRjEv1KY2JKy9VXmzqI0Z:dq0uAsTciv1MjVXgqZ

Score

8^/10

android discovery evasion impact persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6bda0ce655979c3e48191675af6cadbd_JaffaCakes118.apk

Resource

android-x86-arm-20240514-en

discovery evasion impact persistence

android-9-x86

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

6bda0ce655979c3e48191675af6cadbd_JaffaCakes118.apk

Resource

android-33-x64-arm64-20240514-en

android-13-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  6bda0ce655979c3e48191675af6cadbd_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  6bda0ce655979c3e48191675af6cadbd
- SHA1
  
  7047f48d621184e0619ebc89c5a6174ee1d92b5d
- SHA256
  
  ad6aab977374b179d0af9ba5cbbeca3fc53bf1c19e38fbd22fdddd92d8796fe0
- SHA512
  
  ff7ea0c8efe735f85513f292e37543f0479f6ae45f129fbeb5b259f0116bbdb4a18b1f4a24659e80049444805f7f562f630c6d9730662a9db985c3156d62388b
- SSDEEP
  
  49152:HHYQX4bBirCAslxTBv2SoRjEv1KY2JKy9VXmzqI0Z:dq0uAsTciv1MjVXgqZ
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

© 2018-2024

Terms | Privacy