Overview

overview

8

Static

static

6

878ca94ce3...18.apk

android-9-x86

8

alipay_msp.apk

android-9-x86

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    878ca94ce3d6e25fec765687ad6844f7_JaffaCakes118

  • Size

    5.4MB

  • Sample

    240531-tclkwadh55

  • MD5

    878ca94ce3d6e25fec765687ad6844f7

  • SHA1

    859084c76df67b082a7412ef9cc71a395d2052e6

  • SHA256

    8fb06e33bf252da97e0b5a0eca81d2b5c7b22f13ea538e1c4f6117555f980cc0

  • SHA512

    13f2df3ac4ae247a913cf8d7dfdbc5a3cd00ca794360a86721e7f552db4f40b07f202e5b0a7bdc5e71677034dc605d01867a35b49e7e3263b4377bc7dd9c69f9

  • SSDEEP

    98304:U2ZU8D/fWx0ENKfK94aV5fiYGOaGiuNcTt1Io+lzHc+Aeeya3+A44U3JnaJPk0Ry:PF/fyjNKi94u4YGOFiuSt1F5C4UhaRcf

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      878ca94ce3d6e25fec765687ad6844f7_JaffaCakes118

    • Size

      5.4MB

    • MD5

      878ca94ce3d6e25fec765687ad6844f7

    • SHA1

      859084c76df67b082a7412ef9cc71a395d2052e6

    • SHA256

      8fb06e33bf252da97e0b5a0eca81d2b5c7b22f13ea538e1c4f6117555f980cc0

    • SHA512

      13f2df3ac4ae247a913cf8d7dfdbc5a3cd00ca794360a86721e7f552db4f40b07f202e5b0a7bdc5e71677034dc605d01867a35b49e7e3263b4377bc7dd9c69f9

    • SSDEEP

      98304:U2ZU8D/fWx0ENKfK94aV5fiYGOaGiuNcTt1Io+lzHc+Aeeya3+A44U3JnaJPk0Ry:PF/fyjNKi94u4YGOFiuSt1F5C4UhaRcf

    Score
    8/10
    bankerdiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      alipay_msp.apk

    • Size

      354KB

    • MD5

      89c04e1ebcd58eca6dd93211628ed0bc

    • SHA1

      7d1e77ce25a635299704dbd95bd95c697572ea9d

    • SHA256

      ee3c608fff51b313f4e0b3e542bedccb4d4db4c8eb44e63bf4be0d468e9ee117

    • SHA512

      3dccaeff9906401855f3071c91012926d7e9250674ea0bb89606e4862223a8343fc7b9369afe4e50031d261b45437107c018f565da5615c49721c3bf1bf6ed01

    • SSDEEP

      6144:cH8LfOo+BjGVN8TdW4zxgnm1Us3JuOK2vf5C8EcPK+WvyQcQ2fnq7:cHLxBiVN8pWggmlY25CLE8RcQ2fnq7

    Score
    8/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Checks if the internet connection is available

      discovery
    behavioral2

MITRE ATT&CK Mobile v15

Tasks