Overview

overview

8

Static

static

6

a42e0c6bd5...18.apk

android-9-x86

8

a42e0c6bd5...18.apk

android-11-x64

8

dmss_v2.apk

android-9-x86

dmss_v2.apk

android-10-x64

dmss_v2.apk

android-11-x64

elepay.apk

android-9-x86

elepay.apk

android-10-x64

elepay.apk

android-11-x64

rooter.apk

android-9-x86

1

rooter.apk

android-10-x64

1

rooter.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a42e0c6bd5c3fb8e14c0fe901f001bb1_JaffaCakes118

  • Size

    5.5MB

  • Sample

    240613-g4v76sxcma

  • MD5

    a42e0c6bd5c3fb8e14c0fe901f001bb1

  • SHA1

    a96ca0465305d15a8f363a7f049fd629341cb465

  • SHA256

    a361bbc8f34fcea4d49114efdaf6d2c215324d6713e9672e35a3f465435fb174

  • SHA512

    f167bd18836d91409b9cc6dcca9861e14f0f297645a1bd01bf91d9b10d1ab893f979541972b836ad3f03d1d7b9307bd2a4bb5e0a96e28cc51d812bac5dc95cd6

  • SSDEEP

    98304:sZfo1BnlshWEGcxtrMPPbFpsOZnQFkNWAdkL1JEAHbba2+Qs3t9vVX1WQ:sZgTafxpWFmOaFko+kL1bX+b

Score
8/10
androidbankerdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      a42e0c6bd5c3fb8e14c0fe901f001bb1_JaffaCakes118

    • Size

      5.5MB

    • MD5

      a42e0c6bd5c3fb8e14c0fe901f001bb1

    • SHA1

      a96ca0465305d15a8f363a7f049fd629341cb465

    • SHA256

      a361bbc8f34fcea4d49114efdaf6d2c215324d6713e9672e35a3f465435fb174

    • SHA512

      f167bd18836d91409b9cc6dcca9861e14f0f297645a1bd01bf91d9b10d1ab893f979541972b836ad3f03d1d7b9307bd2a4bb5e0a96e28cc51d812bac5dc95cd6

    • SSDEEP

      98304:sZfo1BnlshWEGcxtrMPPbFpsOZnQFkNWAdkL1JEAHbba2+Qs3t9vVX1WQ:sZgTafxpWFmOaFko+kL1bX+b

    Score
    8/10
    bankerdiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks Android system properties for emulator presence.

      evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      dmss_v2.jar

    • Size

      126KB

    • MD5

      aa64c54de3204df266353f78f8f92743

    • SHA1

      f30391c3c576f3ad05cae309d4b3ed63759f140f

    • SHA256

      a9d07897e42c42c15f27ac1e3a907072bce90aeed7cf70ad3c52ea020a2bb1ac

    • SHA512

      a3be909d084d88dc1da4c0b0fd8dfbcc63d3149308f622b094fb1b9b4a47c2e5fe9633fd7354e2ce281d222fffcfdfd3896708cb398c81f12437aa8f0720690c

    • SSDEEP

      3072:QWDEMmwiLvzgsHGEIqTriwmelZLoALvFchukchKC+8G/ee:pDpmwiJ2Ur7mhAL+kkcPG1

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      elepay.jar

    • Size

      20KB

    • MD5

      2e6fe52abfe59799f2ed7bc578dd0a9c

    • SHA1

      3f95d8d80181fb889423820be0043be2610e615f

    • SHA256

      844d4d439dd18f636ad981cba9503d489465ace2647895f07977234984c24596

    • SHA512

      45f35aed5022eda6ae763c0426ee6e2866f6db589731b5f8613ac336342d5d5cb4a730e170b537c8c6d131b25fc7f7e191a618b9d018d7ba911ccfa910f4dba4

    • SSDEEP

      384:mTIRyqoXv2HiDV3Kv+bXJMXaYrCGMm9vnDnl8aYOPKwSgVMwbDipkpKlDuOUY:mTZPXBcvuOKk/McDlPYQKwCoDM8K7p

    Score
    1/10
    behavioral6behavioral7behavioral8

    • Target

      rooter.jar

    • Size

      230KB

    • MD5

      79bb88c51f6592fa6b36d76c5e2f9dc9

    • SHA1

      ab6d2b103c3d86cff02f2ca6175ab8060f557ed9

    • SHA256

      c1ed6649dd3114d92836520c61480a38308dfb2eed5869a5d296fbcb48fac233

    • SHA512

      f2c5951dee97bb24b4ef8249f1d13e2056ce36e5f27647670635ce80b5976926f382255c01ecc0b318cc7e1233d83d8fb8e03ae747cfba9d9c7d39b26550152c

    • SSDEEP

      6144:01jcTY+DMB2NW6Sxj3184rAR9ZF2dI8qRuD+BIWJVlTYfjPcyg:UjcjA286Sl6ZF2m1UD+zTY70d

    Score
    1/10
    behavioral10behavioral11behavioral9

MITRE ATT&CK Matrix

Tasks