Overview

overview

8

Static

static

6

9f2351cb38...18.apk

android-9-x86

7

9f2351cb38...18.apk

android-11-x64

8

gdtadv2.apk

android-9-x86

jbp.apk

android-9-x86

jbp.apk

android-10-x64

jbp.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9f2351cb382520270c1ab5bf495ebc6b_JaffaCakes118

  • Size

    5.3MB

  • Sample

    240611-w3pfkawfrg

  • MD5

    9f2351cb382520270c1ab5bf495ebc6b

  • SHA1

    4e4f40273dfc96fe7071249069cae1e620acde8f

  • SHA256

    50417d60ff040ab006bcf2fa348636d378cf8227d368a27a4a4bbca35d4216f3

  • SHA512

    99c570d41ecda38cc21e90e7b1663fb58da91317e80f65cd798cb2a9f5980006459af07acb0842c8dd9e18f166f69c419e2d66b2c43399b0e6fcc0ba564db4de

  • SSDEEP

    98304:gv0WnBXfbssPpxHpehyr7gIfoUt2IRab3e+9czMiGtXo1NjaexIg63sZQuwD5:CBXfbssPpPyyozU8IRab3TcBGG1NOkIN

Score
8/10
androidbankerdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      9f2351cb382520270c1ab5bf495ebc6b_JaffaCakes118

    • Size

      5.3MB

    • MD5

      9f2351cb382520270c1ab5bf495ebc6b

    • SHA1

      4e4f40273dfc96fe7071249069cae1e620acde8f

    • SHA256

      50417d60ff040ab006bcf2fa348636d378cf8227d368a27a4a4bbca35d4216f3

    • SHA512

      99c570d41ecda38cc21e90e7b1663fb58da91317e80f65cd798cb2a9f5980006459af07acb0842c8dd9e18f166f69c419e2d66b2c43399b0e6fcc0ba564db4de

    • SSDEEP

      98304:gv0WnBXfbssPpxHpehyr7gIfoUt2IRab3e+9czMiGtXo1NjaexIg63sZQuwD5:CBXfbssPpPyyozU8IRab3TcBGG1NOkIN

    Score
    8/10
    bankerdiscoveryevasionpersistenceimpact

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery
    behavioral1behavioral2

    • Target

      gdtadv2.jar

    • Size

      384KB

    • MD5

      933fb171fde27bcdb47b7d6a4fb54e3b

    • SHA1

      b38112e9a9457141cceca784aaa8f73168b9d935

    • SHA256

      f8b6f66ba60e542ede0fa8c16d737e380c3992ae9d030cb79d769dc8d791cd29

    • SHA512

      7bd11115be6c1e4324f3293e7ddfecd501585cd9fa6c3f1ee56a9c6e1d2e59382da8e09bd3e945fd77b8bce5a398e8788f682a8ea4e11b624731c366b0e621a6

    • SSDEEP

      12288:dHrhbCBW2oMaTxO+Y11vw+ndkF6zPClSyyY:dHl+BW2oZI+gvzndTPVyyY

    Score
    1/10
    behavioral3

    • Target

      jbp

    • Size

      19KB

    • MD5

      1bb6c0eadec3806544e8a38324df9515

    • SHA1

      3f27cb42056b354b414eac66f374d3e53db993b6

    • SHA256

      7c15ef01d6fffa17981c2f46e17b2f4c6b2f671783a2b4b87bc11e2d11b12e08

    • SHA512

      937f314b1905374c6576c8dfcf82406a65099184d9a9f57ba43982604561c8ec228fa9e0ca784edc385c06104687e347350d3ce80548fbce47032f1ecaafe60a

    • SSDEEP

      384:+jtZ+dm99qCf6yQREpTA49qI+sN4a+TSMAbqvJZoRxV7xBUUpb0PbsR3ZOGYwK97:+jtomh4GBMbWRXPBx4bsjav66H

    Score
    1/10
    behavioral4behavioral5behavioral6

MITRE ATT&CK Mobile v15

Tasks