General

  • Target

    9c8729d2647be6bf3ba11bae7fa8be15_JaffaCakes118

  • Size

    17.8MB

  • Sample

    240611-bhme9axhpd

  • MD5

    9c8729d2647be6bf3ba11bae7fa8be15

  • SHA1

    dec8defe48039b4a1f282d48a609f2094e8ee60c

  • SHA256

    104ec88dec5d153283a0f4c85c676f648c0fc55796fc62c4ecb8eb05f4282d97

  • SHA512

    bd002db2f68577eb8cfd8b8571ed67c7990d324b7b8949e38e59bad30adabb35f860114b2dc38a855df4239f1f5c20a744f281515ad5a6b0199f9ea97df8ceb3

  • SSDEEP

    393216:tgdWEOgIji04Y9O3OvtdUHGEN12mJ6+OMh5Fx:OdWPgGi5vevLKN12mJt53

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
