Overview

overview

7

Static

static

6

adeff2f896...18.apk

android-9-x86

4

adeff2f896...18.apk

android-10-x64

7

adeff2f896...18.apk

android-11-x64

7

ad_adview.apk

android-9-x86

ad_adview.apk

android-10-x64

ad_adview.apk

android-11-x64

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    adeff2f89635c3e8a26216ae2b5f5cda_JaffaCakes118

  • Size

    12.5MB

  • Sample

    240615-l851dszglp

  • MD5

    adeff2f89635c3e8a26216ae2b5f5cda

  • SHA1

    bceba3384438437fd37746332750970922bfb84f

  • SHA256

    dd3a855cbac1d223f5e78e33d13e22df15e00fcb53dfa898f961c556b852c09d

  • SHA512

    f390708b4f521bc309ba91d7363e74dc883530ba069c838037bdfb547bdc7723571393ae3f4887b70580b6b8ba4adf9d088a799952ca3274ba002720718f6e51

  • SSDEEP

    393216:xUV5q8GBzgkc94n0+N/0XXL+AlUUUvy1wMkeZ:mq8/ky40+UCAeVq1NRZ

Score
7/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      adeff2f89635c3e8a26216ae2b5f5cda_JaffaCakes118

    • Size

      12.5MB

    • MD5

      adeff2f89635c3e8a26216ae2b5f5cda

    • SHA1

      bceba3384438437fd37746332750970922bfb84f

    • SHA256

      dd3a855cbac1d223f5e78e33d13e22df15e00fcb53dfa898f961c556b852c09d

    • SHA512

      f390708b4f521bc309ba91d7363e74dc883530ba069c838037bdfb547bdc7723571393ae3f4887b70580b6b8ba4adf9d088a799952ca3274ba002720718f6e51

    • SSDEEP

      393216:xUV5q8GBzgkc94n0+N/0XXL+AlUUUvy1wMkeZ:mq8/ky40+UCAeVq1NRZ

    Score
    7/10
    impactdiscoveryevasionpersistence

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

    • Target

      ad_adview.jar

    • Size

      187KB

    • MD5

      6a346101164eb60e826da90eb3f63d8b

    • SHA1

      fe0fbdf59a73ee5790cf0fb415174de86dfc3431

    • SHA256

      dfabdfe6a762ba76a531103861eb586d4cf076b666222edb55b44fffae15ca78

    • SHA512

      382f0fe21bf79b0aee61fc5d5e7244ea2fe63881ffa8463b8e1161350f79639d443183ecdda7f130d064222c5633413f8c97172bfa4d6e44d9d5e99f8a757a34

    • SSDEEP

      3072:pi54wKjPMbLQPZA+XiAXiDYyR1R5DJpsaLH3ro0x9QlEfAFTXixFHYbCKc1sL5:+EP6MpyAEJRfFJpjT3r9qlEfAFTGdCtH

    Score
    1/10
    behavioral4behavioral5behavioral6

    • Target

      bdxadsdk.jar

    • Size

      147KB

    • MD5

      1d1dba3063487b56d819a1cc92ae577d

    • SHA1

      30128c78448f881f1ef4e01c70a667702997bfe2

    • SHA256

      e06e04e974191cb33dd0429d717ee546897dd8879c65c0440940e633771dd011

    • SHA512

      88606c3a2cc796c84470c0d4b5e09fa8a10a7dcd0cad6fef6d30b0ac5fcfa299f7282c5c26a7ba13125617ed9a009cccc10535e21bb7653f10e157c141ca228f

    • SSDEEP

      3072:NGlAo9ZUOXoJl/+QiKoxPKS+zmOEBkgcPCik1s20q4CWmsnDPhMT67mmoNuGeVO:NeR9ZUOXG+QXQP3+zm7Bk6sqAXnzhMTZ

    Score
    1/10
    behavioral7behavioral8behavioral9

MITRE ATT&CK Mobile v15

Tasks