Overview

overview

8

Static

static

6

95a7d2c96a...18.apk

android-9-x86

8

oppo_game_...02.apk

android-9-x86

1

oppo_game_...02.apk

android-13-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    95a7d2c96ae5ec2ebcf8bbe27f161b43_JaffaCakes118

  • Size

    30.3MB

  • Sample

    240604-vv7fqsed35

  • MD5

    95a7d2c96ae5ec2ebcf8bbe27f161b43

  • SHA1

    0c21310a690c59ff5a20d2ffb78d99c5cd151ea7

  • SHA256

    4b44d9f37c12b019bd37a7e858a04cc256babd4232cc4818e0f125dc1845b565

  • SHA512

    d55690b5d262df721f8d9770be35a682439955087ed6f64b618dd0121388ce8af9ed6086b1630b26c35d16080fe9db142d15add36d45848141e43c7fb3b6bf38

  • SSDEEP

    786432:OsUmn26jOru89GOBdkW1a0ijLHiayHB4E6Sen:Ovmn+u8Tla0YLife0en

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      95a7d2c96ae5ec2ebcf8bbe27f161b43_JaffaCakes118

    • Size

      30.3MB

    • MD5

      95a7d2c96ae5ec2ebcf8bbe27f161b43

    • SHA1

      0c21310a690c59ff5a20d2ffb78d99c5cd151ea7

    • SHA256

      4b44d9f37c12b019bd37a7e858a04cc256babd4232cc4818e0f125dc1845b565

    • SHA512

      d55690b5d262df721f8d9770be35a682439955087ed6f64b618dd0121388ce8af9ed6086b1630b26c35d16080fe9db142d15add36d45848141e43c7fb3b6bf38

    • SSDEEP

      786432:OsUmn26jOru89GOBdkW1a0ijLHiayHB4E6Sen:Ovmn+u8Tla0YLife0en

    Score
    8/10
    discoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      oppo_game_service_201502.so

    • Size

      4.0MB

    • MD5

      fc370ef2928affc169ff3f3e1c856791

    • SHA1

      97177d0eca18f7ef0c382739becb744556b4b268

    • SHA256

      46c357afba1e7773312156efc729888daaa66ac8165dd6a393f7ab01f23ab5a3

    • SHA512

      944bbd29a21a121caa6e0f5cfcb12e6c1db635698add1bcc59b1cc8e882d4858698afb92f653cefcf4b79b37d003647a7e02433f95ecf1e906f9a131abc4a7f3

    • SSDEEP

      98304:dVAO2eFa6e3A5NIHcyOxMA5Wf3PcRDeVmMNvn4U2CUE6F6jOU:dDs33A5EcDxFWkmpCURUE6F6jOU

    Score
    1/10
    behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks