Overview

overview

8

Static

static

6

84cff0035b...18.apk

android-9-x86

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84cff0035bc2348a00acfb5254c7d16c_JaffaCakes118

  • Size

    9.4MB

  • Sample

    240530-t82xqsfe33

  • MD5

    84cff0035bc2348a00acfb5254c7d16c

  • SHA1

    1296018fe46ccdce6c832d86bc426cf1e2ebc196

  • SHA256

    7956093822959b097087cb76f69fe0b0138de189e4d0d12a29ef961f0c970c30

  • SHA512

    090882adc4b1fa6ee096e91eb8672a0339a55afbf2a0fa176ae316cdad8a20810e1a81b7d90c5b1eac25201a87b8a4f738e21e9c6f3ee6320cac0e7ce900609e

  • SSDEEP

    196608:xpwi2zyHF6Vz233mpTdnTnIFaw0dyHA9Hh/2jyX/wDnil:f2ml61DJGUsHyh/nwDnC

Score
8/10
androidbankerdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      84cff0035bc2348a00acfb5254c7d16c_JaffaCakes118

    • Size

      9.4MB

    • MD5

      84cff0035bc2348a00acfb5254c7d16c

    • SHA1

      1296018fe46ccdce6c832d86bc426cf1e2ebc196

    • SHA256

      7956093822959b097087cb76f69fe0b0138de189e4d0d12a29ef961f0c970c30

    • SHA512

      090882adc4b1fa6ee096e91eb8672a0339a55afbf2a0fa176ae316cdad8a20810e1a81b7d90c5b1eac25201a87b8a4f738e21e9c6f3ee6320cac0e7ce900609e

    • SSDEEP

      196608:xpwi2zyHF6Vz233mpTdnTnIFaw0dyHA9Hh/2jyX/wDnil:f2ml61DJGUsHyh/nwDnC

    Score
    8/10
    bankerdiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

      evasiondiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery
    behavioral1

MITRE ATT&CK Mobile v15

Tasks