Overview

overview

8

Static

static

6

7aa555f71c...18.apk

android-9-x86

7

7aa555f71c...18.apk

android-11-x64

8

gdtadv2.apk

android-9-x86

Sharing

Copy URL Twitter E-mail

General

  • Target

    7aa555f71c6be6bf651bc96a7fc70139_JaffaCakes118

  • Size

    15.1MB

  • Sample

    240527-1mwbdsbb81

  • MD5

    7aa555f71c6be6bf651bc96a7fc70139

  • SHA1

    d9811f1ebc8e9bcb9fad25d5e50c58d2690ba6be

  • SHA256

    4fec222ccbc1525494424a7d31e4fb195a8f69f89fccc24f91cf81fe04afaee3

  • SHA512

    7e92703d428c0fd007f4ae38cdb072ec91579cbd2533e529fd041038201e2746cb060021e70ca435b3f39f1cf47d0681ffadc5fd0be8586cb7b1992f984eaae4

  • SSDEEP

    393216:TamQZ7BK+QDGEmNUHO7T+/MoHfgOpXbux8yq8Mw4HBV3Ogv:9Q7w+QDaQL/Mo/g6bEeX9Hf7

Score
8/10
androiddiscoveryevasionpersistence

Malware Config

Targets

    • Target

      7aa555f71c6be6bf651bc96a7fc70139_JaffaCakes118

    • Size

      15.1MB

    • MD5

      7aa555f71c6be6bf651bc96a7fc70139

    • SHA1

      d9811f1ebc8e9bcb9fad25d5e50c58d2690ba6be

    • SHA256

      4fec222ccbc1525494424a7d31e4fb195a8f69f89fccc24f91cf81fe04afaee3

    • SHA512

      7e92703d428c0fd007f4ae38cdb072ec91579cbd2533e529fd041038201e2746cb060021e70ca435b3f39f1cf47d0681ffadc5fd0be8586cb7b1992f984eaae4

    • SSDEEP

      393216:TamQZ7BK+QDGEmNUHO7T+/MoHfgOpXbux8yq8Mw4HBV3Ogv:9Q7w+QDaQL/Mo/g6bEeX9Hf7

    Score
    8/10
    discoveryevasionpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery
    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      882KB

    • MD5

      644e5e75d48776020ca8a6847bea1f95

    • SHA1

      6ef8663b2b7ce2732a66980c03d6ab6559928484

    • SHA256

      27a43bd3e5880903a070189b08a0952093a6c1498e91ac5078bb2b18ca2ff8c0

    • SHA512

      92f294fe4feccffd7fae23e7d1ffa0f753f377d570c16ad7c379c08856ee5f69883f57683e4db4af25c6ef53cb2a3ecfeff6bcbb59fe287eadfb8965c14657a2

    • SSDEEP

      24576:VGpszN/Vs45lt1P/ZRhQ87i3eefsSs9xxS+meIbti:VG2Sqt5/ZRLi3en9QeIZi

    Score
    1/10
    behavioral3

MITRE ATT&CK Mobile v15

Tasks