Overview

overview

7

Static

static

6

ab7cbe5fae...18.apk

android-9-x86

7

ab7cbe5fae...18.apk

android-10-x64

7

ab7cbe5fae...18.apk

android-11-x64

7

__pasys_re...er.apk

android-9-x86

__pasys_re...er.apk

android-10-x64

__pasys_re...er.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240614-z172nswdlf

  • MD5

    ab7cbe5faec3d964479537a5967ad70c

  • SHA1

    9721ca1ae5936030c9303e78e7954c779a8bf7da

  • SHA256

    e88995104eb72670f3435f982d2657cf93ffb3621d865dc66ac3882a4c9959b4

  • SHA512

    0866427af5b15fd5cf7252fa42696901702844385727573b355574cf2e53f2d25384df7bc0c3af701476cb16cd9c13bce04d75e8a2faa66fa0c1f398756873e3

  • SSDEEP

    24576:+2SmX5SlbFFae3cGIR2+G8KJNvQvfCBc7bRfEVojaA0zhRzFksGmn5SIe1Hku7Yw:V5SlBFbIR2eKLvQvEcvpEyT0msGmn5cl

Score
7/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118

    • Size

      1.4MB

    • MD5

      ab7cbe5faec3d964479537a5967ad70c

    • SHA1

      9721ca1ae5936030c9303e78e7954c779a8bf7da

    • SHA256

      e88995104eb72670f3435f982d2657cf93ffb3621d865dc66ac3882a4c9959b4

    • SHA512

      0866427af5b15fd5cf7252fa42696901702844385727573b355574cf2e53f2d25384df7bc0c3af701476cb16cd9c13bce04d75e8a2faa66fa0c1f398756873e3

    • SSDEEP

      24576:+2SmX5SlbFFae3cGIR2+G8KJNvQvfCBc7bRfEVojaA0zhRzFksGmn5SIe1Hku7Yw:V5SlBFbIR2eKLvQvEcvpEyT0msGmn5cl

    Score
    7/10
    discoveryevasionpersistencecollectioncredential_accessimpact

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

    • Target

      __pasys_remote_banner.jar

    • Size

      114KB

    • MD5

      2ad9fb4b2d9b333883b7e38f61c2fd2f

    • SHA1

      5b85041452d173ed0d81d25b9ca78608a998e328

    • SHA256

      b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5

    • SHA512

      6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90

    • SSDEEP

      3072:9cU7bD2h2Z5ecVpoj8eVJBl52Dx9yW0jv2gspIn:m8n28Z5eAs8S73InyWmug9

    Score
    1/10
    behavioral4behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks