Overview

overview

8

Static

static

6

6ede98b616...18.apk

android-9-x86

8

6ede98b616...18.apk

android-10-x64

8

plugin-deploy.apk

android-9-x86

plugin-deploy.apk

android-10-x64

plugin-deploy.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ede98b616e2cd24868424f68c6520d6_JaffaCakes118

  • Size

    11.5MB

  • Sample

    240524-r3f2zahh23

  • MD5

    6ede98b616e2cd24868424f68c6520d6

  • SHA1

    47e5ef0e6659e4fbcaa204501b39df99864db1b9

  • SHA256

    93cff97b27ffd59f6f1b3487eca141bf41f381856825b93a44681809c879c55f

  • SHA512

    d1aaebb0ff231f8d85b5647ad5e034424818b58b0a833f4634b88900b65f58ffa86f9848db569f26da8cba13ae27151e2d5c212508d888511b304764becccdf9

  • SSDEEP

    196608:FWAMKJz+yWJxVkbXXYBxZS0+FFWAVguWFWmkMve4lf0Oa17uSYBMwo6HzlTbs9jE:Rz+dJSSk0+DWAV9WFWm8w0OI7eU6xTeE

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      6ede98b616e2cd24868424f68c6520d6_JaffaCakes118

    • Size

      11.5MB

    • MD5

      6ede98b616e2cd24868424f68c6520d6

    • SHA1

      47e5ef0e6659e4fbcaa204501b39df99864db1b9

    • SHA256

      93cff97b27ffd59f6f1b3487eca141bf41f381856825b93a44681809c879c55f

    • SHA512

      d1aaebb0ff231f8d85b5647ad5e034424818b58b0a833f4634b88900b65f58ffa86f9848db569f26da8cba13ae27151e2d5c212508d888511b304764becccdf9

    • SSDEEP

      196608:FWAMKJz+yWJxVkbXXYBxZS0+FFWAVguWFWmkMve4lf0Oa17uSYBMwo6HzlTbs9jE:Rz+dJSSk0+DWAV9WFWm8w0OI7eU6xTeE

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      plugin-deploy.jar

    • Size

      213KB

    • MD5

      e70723b8f6c4c7c09a6019733022cf53

    • SHA1

      e3ca32166c65e4dc73c21347ab22d54a7b5a9a83

    • SHA256

      32d35cd80b0302e3fcdd7349b4ff9a7b689ce080435109607ff79a834ff710d5

    • SHA512

      461c0499193c5ef5aa4e2e5d358031e7d28c98c8e1e38d22b710271bf3b561c28232bfaadbc2c275357e31b7b0ad6bca798008328ac3cff3701c1c9cca2ddddd

    • SSDEEP

      6144:zIojh8YSG6e3Q7RZddAOKofd3yugpauc79lPcJJ6:Uoj2Ytg7RXdJfRyuVuCoJo

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Matrix

Tasks