Overview

overview

7

Static

static

6

a8577807ea...18.apk

android-9-x86

7

a8577807ea...18.apk

android-13-x64

alipay_plu...sp.apk

android-9-x86

1

alipay_plu...sp.apk

android-10-x64

1

alipay_plu...sp.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a8577807ea0c981a146b9c2a140ac400_JaffaCakes118

  • Size

    10.2MB

  • Sample

    240614-haeh1asdjn

  • MD5

    a8577807ea0c981a146b9c2a140ac400

  • SHA1

    0939fed31bde08737796a234f75d7b1ec0f71cb3

  • SHA256

    75f9f20ac006e0f088f827a70ace4500ceee4dfdc1db4a3fb14f651ccc994206

  • SHA512

    c2371726338a9c1b7052bb06b330dc62a5cca45731f233faa8e10b4b4ab4a272695d15208c31505f35f97fde2746f975088d8989595b87c38e7b0ddb497a2796

  • SSDEEP

    196608:FRmbZvwyc7neQom3Ijh/dxzv97XaN4DUQ6lfXHkqwud3RazOkpkIn76PuE0HA3PF:/mbZvwn7eCIJdRNaNTHxwurazOpIn76/

Score
7/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      a8577807ea0c981a146b9c2a140ac400_JaffaCakes118

    • Size

      10.2MB

    • MD5

      a8577807ea0c981a146b9c2a140ac400

    • SHA1

      0939fed31bde08737796a234f75d7b1ec0f71cb3

    • SHA256

      75f9f20ac006e0f088f827a70ace4500ceee4dfdc1db4a3fb14f651ccc994206

    • SHA512

      c2371726338a9c1b7052bb06b330dc62a5cca45731f233faa8e10b4b4ab4a272695d15208c31505f35f97fde2746f975088d8989595b87c38e7b0ddb497a2796

    • SSDEEP

      196608:FRmbZvwyc7neQom3Ijh/dxzv97XaN4DUQ6lfXHkqwud3RazOkpkIn76PuE0HA3PF:/mbZvwn7eCIJdRNaNTHxwurazOpIn76/

    Score
    7/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Acquires the wake lock

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2

    • Target

      alipay_plugin_20120428msp.apk

    • Size

      286KB

    • MD5

      4a89d8a1da67ffb789e71dcced41a691

    • SHA1

      b72bc1d8920ed03c8bfcb8e431169f4508e71976

    • SHA256

      5dab6575a279591032487cd2b8e428f7a90ac8b1fc4eacee245522feba2b2039

    • SHA512

      a09342efcabc691c9efdf256c93e3f326d6785c7b2d6c1d4d12dfbdb676f544fcaa08ca373a550faebe3cdab2b5f82781e28cbf5f4779c3905851876eddc95d3

    • SSDEEP

      6144:OV/Mo6jF1cM8qgmgMPE8fRsrYQ0d0ROgE8XF2Q9WDBRa/dEW7BhDJUK:OVWjFiCgxmpsrYQ0uR48XF2Q9W1R1Wlv

    Score
    1/10
    behavioral3behavioral4behavioral5

MITRE ATT&CK Matrix

Tasks