Overview

overview

7

Static

static

6

8fe6be37cc...18.apk

android-9-x86

7

ad_adview.apk

android-9-x86

ad_adview.apk

android-10-x64

ad_adview.apk

android-11-x64

gdtadv2.apk

android-9-x86

Sharing

Copy URL Twitter E-mail

General

  • Target

    8fe6be37cc4dbb0714e599374d0b9df0_JaffaCakes118

  • Size

    17.3MB

  • Sample

    240603-adp5xaca7x

  • MD5

    8fe6be37cc4dbb0714e599374d0b9df0

  • SHA1

    59525d024482dcf8e2ee9929cc756367fc91539f

  • SHA256

    6137472e5734958c133964149231cb9195ce24f54c241e69f22dd437df5ce901

  • SHA512

    9eb93eac71020e5334ef1bf3c51553bbb5f65ebf4ef3be4a415adbbd829113e53b109f5cc0a37ca3c5b24bf137126ba67c0934ef51efade9a53957fba581af2b

  • SSDEEP

    393216:943F9JyGWMIq7cioPTLfEBa9j7AfHGRPwygoRvE9dK053Xo:94EG9Yio8BdfmRPWoRvE9dK05Ho

Score
7/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      8fe6be37cc4dbb0714e599374d0b9df0_JaffaCakes118

    • Size

      17.3MB

    • MD5

      8fe6be37cc4dbb0714e599374d0b9df0

    • SHA1

      59525d024482dcf8e2ee9929cc756367fc91539f

    • SHA256

      6137472e5734958c133964149231cb9195ce24f54c241e69f22dd437df5ce901

    • SHA512

      9eb93eac71020e5334ef1bf3c51553bbb5f65ebf4ef3be4a415adbbd829113e53b109f5cc0a37ca3c5b24bf137126ba67c0934ef51efade9a53957fba581af2b

    • SSDEEP

      393216:943F9JyGWMIq7cioPTLfEBa9j7AfHGRPwygoRvE9dK053Xo:94EG9Yio8BdfmRPWoRvE9dK05Ho

    Score
    7/10
    discoveryevasionimpactpersistence

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Checks if the internet connection is available

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      ad_adview.jar

    • Size

      229KB

    • MD5

      111f2807bfc2c5f4c7b806b7d4c19487

    • SHA1

      02246e8510c8ae43e3d28f23af8147c6bf46f57c

    • SHA256

      8ac8ff7bd3441827b6a98a0590e84b554e554839e67462189b3bb4123d2b711a

    • SHA512

      6a663e9386242139d7e734be69b14e4592051dfe6614fa65a53aba73cc9bc938a3bc7d15dd6e20de945709c39037c35171cbdf39ebcde370ac45930f406bed07

    • SSDEEP

      3072:7oFTZHKjcMbLkdgkxaAbjvfvI0gJbetKp8eKx695GtFtJxnIAElU8oI2eTPgfZuS:Edyc6kJgAffgdqKp2xN2cqgfZu8ky

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      gdtadv2.jar

    • Size

      566KB

    • MD5

      51e4adbc1c24d52ef03d65f7c52ece1e

    • SHA1

      b80fb7ba62d9737929cdf5f3dd6edf0c9c23caa2

    • SHA256

      15b92d10a42d907b477382cf48cf8a6d3d3a68582dc6be1f4ee0890cd341672b

    • SHA512

      0dc0b41cfad5517dc947505e39ace8c0466a0581d58d04d0b61077e6505367ebbdd1b4fa05dc49e00bf612073b492589601013924f4a1253db933d72fa2bcd8a

    • SSDEEP

      12288:LdK2khPEBrvJ+ik/0MdToaI0IiY0EuVJXit45JypKe3S:BvoEtvJ+Hnpo10STS+45A53S

    Score
    1/10
    behavioral5

MITRE ATT&CK Mobile v15

Tasks