Overview

overview

7

Static

static

6

6d3f2055b9...18.apk

android-9-x86

7

push.apk

android-9-x86

push.apk

android-10-x64

push.apk

android-11-x64

smsplugin.apk

android-9-x86

1

smsplugin.apk

android-10-x64

1

smsplugin.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d3f2055b9bf1a61bd86c33da87cc83f_JaffaCakes118

  • Size

    11.1MB

  • Sample

    240524-eb8lpabh84

  • MD5

    6d3f2055b9bf1a61bd86c33da87cc83f

  • SHA1

    51461e10d435332f80c291d712b747cfdb492a5c

  • SHA256

    9962525df77b7e627f9620239e8231b2765acf73cbd5d126c3416fe19c2bc30a

  • SHA512

    13e149180d022c691c86b0a2f755312311be1a8cbf768dc9b1c89ac7613c769701e07140015c51da2c50f0a5750dbf7e0df16956831057b6033c6258b73be981

  • SSDEEP

    196608:EbsXDnTgg/11EJsjyvZd4VgFWWf1VadAx9nEaERcmAMNdCNCu3PGeigKtP1W:g8T9/12Z/4VtWASw8b3NigmNW

Score
7/10
androidcollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      6d3f2055b9bf1a61bd86c33da87cc83f_JaffaCakes118

    • Size

      11.1MB

    • MD5

      6d3f2055b9bf1a61bd86c33da87cc83f

    • SHA1

      51461e10d435332f80c291d712b747cfdb492a5c

    • SHA256

      9962525df77b7e627f9620239e8231b2765acf73cbd5d126c3416fe19c2bc30a

    • SHA512

      13e149180d022c691c86b0a2f755312311be1a8cbf768dc9b1c89ac7613c769701e07140015c51da2c50f0a5750dbf7e0df16956831057b6033c6258b73be981

    • SSDEEP

      196608:EbsXDnTgg/11EJsjyvZd4VgFWWf1VadAx9nEaERcmAMNdCNCu3PGeigKtP1W:g8T9/12Z/4VtWASw8b3NigmNW

    Score
    7/10
    collectiondiscoveryevasionpersistence

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Reads the content of SMS inbox messages.

      collection

    • Reads the content of the browser bookmarks.

      collection

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      push.jar

    • Size

      4KB

    • MD5

      7581454a2cd1047c3ef08cb0351698dc

    • SHA1

      0ce7e11321b4ebad862afd189bdae13cd91c4c16

    • SHA256

      ccdddf7249640cf87f2fad7c1642996fb22e7b2ef0829d87503369f1c3273fab

    • SHA512

      b11c0e176b56beb2e40ff24f68a0177bd8478649e599a3a242a8d7eea0bb5db38012ed0e08adee6bd0dfcd925728d517282db8d743352d2f34430d21d51861d5

    • SSDEEP

      96:dA7aiZCdloEw91ESks3geXymK8Nku5t9b:K7aiZC4N91EC3zCmKF0Z

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      smsplugin.apk

    • Size

      633KB

    • MD5

      d54f53bde167a0e6e01c0c3090af1d70

    • SHA1

      56e8455dc808687de00ab664deed7ae0dcf796be

    • SHA256

      a10bf18a1807580e8b5cb8ac38127c0b6642eb747620b014329886f75e2c5937

    • SHA512

      c8c7d2337ce448bbe41be90a8229f848a202ab3d80afb48c49cb40b406efdd439117be603424dd340334c955969e2f4f0ab7d72fe24727e1a62150203d62abdf

    • SSDEEP

      12288:RdNv7+3tvQCnytY/0p0M0+xJ0DvlVlJwe3ZqAZT+hCcanAaK/w:7NjstvFnDvlWMTC+AaKo

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Matrix

Tasks