Overview

overview

8

Static

static

6

6f16e8f4d1...18.apk

android-9-x86

8

UPPayPluginEx.apk

android-9-x86

1

UPPayPluginEx.apk

android-10-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    6f16e8f4d11cee9593ccff4d047c5f20_JaffaCakes118

  • Size

    10.4MB

  • Sample

    240524-tnnvdabe5z

  • MD5

    6f16e8f4d11cee9593ccff4d047c5f20

  • SHA1

    1c51a649162875643eba50968b9fa64c3ec0aaba

  • SHA256

    7b5abb32892e5b8acab25a0c885f993004afba204ec4cc571d9690570c1b7c14

  • SHA512

    88f5627325cc2db2057bced841e8de31392cbf816f2f792e5bb0d1767785a75615d652ef599fba227843ba2efe3f7470199200a3be3834249a2fb1545c11ecf6

  • SSDEEP

    196608:zzkyTtHw6Y8tNNB+PHlWRCMbf4LPXy/OwgxtMdNPuVC5FutsueDMRv:PzfbNj8Fv0f4LPXyZgnSGIqve4v

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      6f16e8f4d11cee9593ccff4d047c5f20_JaffaCakes118

    • Size

      10.4MB

    • MD5

      6f16e8f4d11cee9593ccff4d047c5f20

    • SHA1

      1c51a649162875643eba50968b9fa64c3ec0aaba

    • SHA256

      7b5abb32892e5b8acab25a0c885f993004afba204ec4cc571d9690570c1b7c14

    • SHA512

      88f5627325cc2db2057bced841e8de31392cbf816f2f792e5bb0d1767785a75615d652ef599fba227843ba2efe3f7470199200a3be3834249a2fb1545c11ecf6

    • SSDEEP

      196608:zzkyTtHw6Y8tNNB+PHlWRCMbf4LPXy/OwgxtMdNPuVC5FutsueDMRv:PzfbNj8Fv0f4LPXyZgnSGIqve4v

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      evasion
    behavioral1

    • Target

      UPPayPluginEx.apk

    • Size

      682KB

    • MD5

      189e4cbee3d387b620ee3658493bff10

    • SHA1

      c553777745915ab9faf2a69036052bf75ff3aea9

    • SHA256

      9443936537a52b2194ed1af22099484d9f3af7ac1df5abf550cf4e68c55e1a6a

    • SHA512

      1db2912d44ad26af4b913acc1f602c535cc220e58d780f5f2a60bb00585ebb96e664a96f88cf72d5e2246e536e7b704c9ae90d908edabceaf8add8b4d9dc0e31

    • SSDEEP

      12288:HKeuG5BeFpMDpppppp9tySFI6Yz8IqjwRTgk2C8FbnF/FXMyq272ToDvd0cLEim0:HKhGDuiDppppppXyS6z8BjzcI55aTM20

    Score
    1/10
    behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks