General

  • Target

    90039ee1305a8852ad217f93c63ad10b_JaffaCakes118

  • Size

    4.4MB

  • Sample

    240603-a7dzqsdc2z

  • MD5

    90039ee1305a8852ad217f93c63ad10b

  • SHA1

    0395a81cd19850f9c3ec3b6bcf3e030dbc5225c1

  • SHA256

    20448decc196848e8158834b8e4b9d2f4515f72660ade08b47f7850126087f70

  • SHA512

    5d5e13473c91815f9225e042768ff0adf812fef5929d0071a55896db73b8a2631c0cfd190f9ae00a840745fd592bb02a4de47e43da2ab46f5663bfb529720ae6

  • SSDEEP

    98304:UP07vMl6yMoIaKuYil+PRSMOeFiuBPgQgVA9k8vheUcR:UfgyMTDP/Oe4uBl7he1

Targets

    • Target

      90039ee1305a8852ad217f93c63ad10b_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Target

      xx.db

    • Size

      120KB

    • MD5

      a12716a839d2bcff50d15b127ad2958e

    • SHA1

      966dfa76030dfb35e59629a112688f3dad4a3014

    • SHA256

      798cb6019445bb881b6e0bb2694c65f2f65ecad2b3d4215f3fa38f85d5f86244

    • SHA512

      b09719b8ad4242252ae81bf8cd707f9c84eaade08f301e04e00f0727b7a186e9fd31a0f162675eb0cafb8ea4f13d640602a2166d754083e23da6de4b76dd8292

    • SSDEEP

      3072:AvWqO9upSg1pofLO2BhfvWqO9upSg1pofLO2Bs:Y7p7pofK2/7p7pofK2K

    • Score

      1/10

    • Target

      dongniwrapper.db

    • Size

      65KB

    • MD5

      e9a0aa633924b9ff1f7b2bbd16b547ce

    • SHA1

      8a898938f7915336621ebb9f4769c8461a31dc6e

    • SHA256

      7cc34ad96da9c8c8ba5ed6fc2e0633ad4a90c312ff201092db2ebf99eadd9753

    • SHA512

      d2a400bff6ab165bb3bff05e184c08cd6b4ed70de9552cdd3db663c4210aa38d72f1e7c9c82edb899b3b11daa12bd67181990bd9dabad462441362add3f5fb98

    • SSDEEP

      1536:xSZ0qYYCyfPqCn9uTBRVH1cgUfgplKNVhVO2Bho6+4Dwo4:3vWqO9upSg1pofLO2Bhy

    • Score

      7/10

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Target

      xx.db

    • Size

      55KB

    • MD5

      1a104e225f04e5d87d95c5a900845e01

    • SHA1

      69602a92cc2ecd2607b8bf81199b709c8e2ce61c

    • SHA256

      8ba0b3e8fbbed9a0cdbb22f4437351b8ed611da7e4808803ba9164a514755a59

    • SHA512

      3fc9ccf5541b8bf01ab98056bdb33407c5398ecd6d5f174c9b43b00c230f5d34ecc8bb47e4148dd219575ea8ca2dfc39fc10a23a12d16a2f1c13f33d93c2c8c1

    • SSDEEP

      1536:cSZ0qYYCyfPqCn9uTBRVH1cgUfgplKNVhVO2BhoI:QvWqO9upSg1pofLO2B9

    • Score

      1/10
