Overview

overview

8

Static

static

6

a86764af45...18.apk

android-9-x86

8

hack.apk

android-9-x86

hack.apk

android-10-x64

hack.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    a86764af45a201306328acb2ea3eefaa_JaffaCakes118

  • Size

    30.9MB

  • Sample

    240614-hmw9kssgmq

  • MD5

    a86764af45a201306328acb2ea3eefaa

  • SHA1

    2820cb9c32c54b2d6615518b8340e00e6354044c

  • SHA256

    b2ff8b800c588f2f5969e0101f136e5cc2d02ef7bbd6b6a37f1aabe53ed3198a

  • SHA512

    0948ac62de75edaffef73a38f264899c157156f8e290512ffedd9ed4e70579f86c93991a75488ef614872063d90f32bfe72f296340d09bbd86141c7af51096e6

  • SSDEEP

    786432:wIY60+KqxQ+Pwt7bTqu/mNP1N4CUhfrXblfOWmX9Vy1:wIYMn0bZuNNxUNDblDmg

Score
8/10
androidbankercollectiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      a86764af45a201306328acb2ea3eefaa_JaffaCakes118

    • Size

      30.9MB

    • MD5

      a86764af45a201306328acb2ea3eefaa

    • SHA1

      2820cb9c32c54b2d6615518b8340e00e6354044c

    • SHA256

      b2ff8b800c588f2f5969e0101f136e5cc2d02ef7bbd6b6a37f1aabe53ed3198a

    • SHA512

      0948ac62de75edaffef73a38f264899c157156f8e290512ffedd9ed4e70579f86c93991a75488ef614872063d90f32bfe72f296340d09bbd86141c7af51096e6

    • SSDEEP

      786432:wIY60+KqxQ+Pwt7bTqu/mNP1N4CUhfrXblfOWmX9Vy1:wIYMn0bZuNNxUNDblDmg

    Score
    8/10
    bankercollectiondiscoveryevasionpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks Android system properties for emulator presence.

      evasion

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      hack.apk

    • Size

      746B

    • MD5

      63f8ccbd6d43328f456c8f2d56d56547

    • SHA1

      3cb0bdac74d123b13b2aa56d7790d7f49b610f94

    • SHA256

      ecb2aa8e3c0cb32e63542cf2f0a9f7ece00d6e2d2bb2ee516a4c09570d920ff3

    • SHA512

      1de01f36459b4557a0358087f8365ba0e92dfbf014d97992b647713e1e7c0d746833f32a928e158755f14da761d76288009f35addb1512ab75ea480a2bc2276b

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks