Overview

overview

8

Static

static

6

6db358e02b...18.apk

android-9-x86

8

BDTX140.apk

android-9-x86

BDTX140.apk

android-10-x64

BDTX140.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6db358e02b9a820db40cbf554f4c0fec_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240524-hyyxjshd26

  • MD5

    6db358e02b9a820db40cbf554f4c0fec

  • SHA1

    ae98f6acda81a41fe92b84ba0dc0e62467f5a2c1

  • SHA256

    02264bc4b9b4061642aad15fa63d5d291bd8840bd9f3c449813362904f28c8c3

  • SHA512

    627f63dd33f04257b7e492a96062a89e0158deb6facb5c426f5cd8ba48fa512ca087b512367242936b445ef5bc4693da73b7f593d7815ce4d2550acf5d2a7494

  • SSDEEP

    49152:UEBWKK9EBWKKGmHmZ+oEBWKKWEBWKKncHAN2a:bBKWBKGmHmkBKpBKncH22a

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      6db358e02b9a820db40cbf554f4c0fec_JaffaCakes118

    • Size

      1.8MB

    • MD5

      6db358e02b9a820db40cbf554f4c0fec

    • SHA1

      ae98f6acda81a41fe92b84ba0dc0e62467f5a2c1

    • SHA256

      02264bc4b9b4061642aad15fa63d5d291bd8840bd9f3c449813362904f28c8c3

    • SHA512

      627f63dd33f04257b7e492a96062a89e0158deb6facb5c426f5cd8ba48fa512ca087b512367242936b445ef5bc4693da73b7f593d7815ce4d2550acf5d2a7494

    • SSDEEP

      49152:UEBWKK9EBWKKGmHmZ+oEBWKKWEBWKKncHAN2a:bBKWBKGmHmkBKpBKncH22a

    Score
    8/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery
    behavioral1

    • Target

      BDTX140

    • Size

      96KB

    • MD5

      cecd3872a89699f8a52c04b36770ac28

    • SHA1

      0825677ccb088f8eb59390d3d5c54d29b00a5fbb

    • SHA256

      61b4ea846f922634ddfbbd46369b23b8560780fae62db1b0ae90aceb4a976831

    • SHA512

      7be6809effa982bbab73df9f2ead279821ac7b2f52e52f5272fdd9fcafdc592ab76251e782cd964974a67f54fef6ca6bba191f2af10c811223650d710cd4c95c

    • SSDEEP

      3072:kfrMW3vCNUnvF303nHKypYotCX7LmF4iaE:kj93vhvu3HTTaE

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks