Overview

overview

7

Static

static

6

a206ef6db9...18.apk

android-9-x86

7

alipay_plugin.apk

android-9-x86

7

res.apk

android-9-x86

res.apk

android-10-x64

res.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a206ef6db914579d9fb026ce0c34d622_JaffaCakes118

  • Size

    6.6MB

  • Sample

    240612-yd7xqaxejh

  • MD5

    a206ef6db914579d9fb026ce0c34d622

  • SHA1

    e2adc1424376d5b6208ad0e0f9522c677925bbf0

  • SHA256

    623d7c2ddbea3463e8531eea8d6bb000d8ecbf93e259baaa9fc0f8d81e79d449

  • SHA512

    9cd23b9ca6a878d874287b98b1b6967fd177a2c981517a0b53206d202f10de47fd7d526ebe86c53aac1fb9a2e083b6882b9d5e4070cbf4a050cbba014b4b8474

  • SSDEEP

    98304:G0uWa1ogKVZxIkEV/CfzZenqLn5awswQHjIIwBrfxd5d6+vT9E+lb72+7aXbBg/M:2WhJRIkEFC7ZaqTTKEOGKAaXS/+CODd5

Score
7/10
androidcollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      a206ef6db914579d9fb026ce0c34d622_JaffaCakes118

    • Size

      6.6MB

    • MD5

      a206ef6db914579d9fb026ce0c34d622

    • SHA1

      e2adc1424376d5b6208ad0e0f9522c677925bbf0

    • SHA256

      623d7c2ddbea3463e8531eea8d6bb000d8ecbf93e259baaa9fc0f8d81e79d449

    • SHA512

      9cd23b9ca6a878d874287b98b1b6967fd177a2c981517a0b53206d202f10de47fd7d526ebe86c53aac1fb9a2e083b6882b9d5e4070cbf4a050cbba014b4b8474

    • SSDEEP

      98304:G0uWa1ogKVZxIkEV/CfzZenqLn5awswQHjIIwBrfxd5d6+vT9E+lb72+7aXbBg/M:2WhJRIkEFC7ZaqTTKEOGKAaXS/+CODd5

    Score
    7/10
    collectiondiscoveryevasionpersistence

    • Checks Android system properties for emulator presence.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Reads the content of SMS inbox messages.

      collection

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery
    behavioral1

    • Target

      alipay_plugin.apk

    • Size

      354KB

    • MD5

      370e3ce20f4f363c993599c8702f21b7

    • SHA1

      5cc5e92fa2347aab04c145954cec76b1cfd15c37

    • SHA256

      1b6b376b638eb17b718f45b92005f20e78d27687b831b13b1aaad1bdb05daf1e

    • SHA512

      50c5702f2a4398aae9ab5b376d5f420cebb20c07030a4efc70b8e45934d7a93803b74f41c1c0bf48e9c08c1c43b9ec247c60190b55db52afc095d4703fac5912

    • SSDEEP

      6144:l26IZ1oqBjGVN8TdW4zxgnm1Us3JuOK2Ef5C8EcPK+WvyQcQ2fnFByVW:l2vpBiVN8pWggmlYL5CLE8RcQ2fnGo

    Score
    7/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery
    behavioral2

    • Target

      res.bin

    • Size

      129KB

    • MD5

      010166dfc3a5f1b202133361935bf26b

    • SHA1

      9a67807ee55adde22fc4064f2a476af4bafcd482

    • SHA256

      ea62acea0e015b54b1a0c2b997417059af3d053d44baf61861571a28246fa7cc

    • SHA512

      b5525dedf1c384dd144bd71e9b8c131e39f62471ef77ae3c6d651a84aecae666699cfb49bf0d7afb4408d98fea1c9358e26fbbb2faac657bc0cff5ca5dc5b67e

    • SSDEEP

      3072:AxfQrGKuVqeI81ZfIH6tEx2t/7SKYUqcgvApEjtd9eKs8:oQr8qWLm6yx4/7S+Xg4pENer8

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks