Overview

overview

7

Static

static

6

954b1ad511...18.apk

android-9-x86

7

yayavoice_...ts.apk

android-9-x86

1

yayavoice_...ts.apk

android-10-x64

1

yayavoice_...ts.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    954b1ad511ddbb44d9af8dbb89c8553f_JaffaCakes118

  • Size

    14.9MB

  • Sample

    240604-sfvsaabf28

  • MD5

    954b1ad511ddbb44d9af8dbb89c8553f

  • SHA1

    41e036d833ddc47b634f76ed5e38d3ba9a39add1

  • SHA256

    c015bddd1b040de5cb3a60b3b1d7f31540c01d723333178797a9029f3f91c975

  • SHA512

    e5227457d456407b2099be542e892f8766c76796e2c20f9f43a746862ba0333dcbf020e2a18e354ad0c5a81254b5f144ebf239fe3882afc453e00b4d26b84804

  • SSDEEP

    393216:Z6PaKJjKwmMnwgAb1nDIBpdJJYehgzyUNw8wzaZD8cQu7:ZUaKJ+wmMwgAb1DEJKeqOFzax8cT7

Score
7/10
androidbankerdiscoveryimpactpersistence

Malware Config

Targets

    • Target

      954b1ad511ddbb44d9af8dbb89c8553f_JaffaCakes118

    • Size

      14.9MB

    • MD5

      954b1ad511ddbb44d9af8dbb89c8553f

    • SHA1

      41e036d833ddc47b634f76ed5e38d3ba9a39add1

    • SHA256

      c015bddd1b040de5cb3a60b3b1d7f31540c01d723333178797a9029f3f91c975

    • SHA512

      e5227457d456407b2099be542e892f8766c76796e2c20f9f43a746862ba0333dcbf020e2a18e354ad0c5a81254b5f144ebf239fe3882afc453e00b4d26b84804

    • SSDEEP

      393216:Z6PaKJjKwmMnwgAb1nDIBpdJJYehgzyUNw8wzaZD8cQu7:ZUaKJ+wmMwgAb1DEJKeqOFzax8cT7

    Score
    7/10
    bankerdiscoveryimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery
    behavioral1

    • Target

      yayavoice_for_assets.jar

    • Size

      244KB

    • MD5

      9046d08dffee86ba17eebc98320a4f65

    • SHA1

      0e3e309fb71111667098581461b44ba25e86fb4c

    • SHA256

      b727e3c6ba0d1b1ff9042ab2071ee33eaa2d54bccabcaefaab3760cb8a18f8ed

    • SHA512

      b41ea2cd3ade2068fa13d08734c2fea2f2d7cd9cbfc209a996e119dd9f70420ed01543af8f719de14a15cdcc1f041858196b6d63982e110e45e7d28ad903751e

    • SSDEEP

      6144:V7OA5kbwutteUc0EZ9K65TlRx8W3TLxoWSW:hyfT1c0e9JT8ITLxYW

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks