Overview

overview

8

Static

static

6

ae29922284...18.apk

android-9-x86

8

ae29922284...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ae299222842d2a111c0ae72456f3b45d_JaffaCakes118

  • Size

    15.5MB

  • Sample

    240615-nc91ksscnn

  • MD5

    ae299222842d2a111c0ae72456f3b45d

  • SHA1

    a2626aa68d4c91800422208fcefb1a9cf01e861f

  • SHA256

    ca4ddaab10f690f4cce426e3d8f407d9fc92da0acec637bdc13b6961410e86ba

  • SHA512

    b4a512c022ea3693f92e55fd836282352e122fcc457ecce121424e5a325c4be950b60b99b35c3007b8c4932df1935f0ecb7bee09463d91feb3bd1f0cc710dd04

  • SSDEEP

    393216:keUt7w09FM9DxyRkdHMfYppiUe30dhzk6ICi:keQh3M9dyR0sUDQGhtni

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      ae299222842d2a111c0ae72456f3b45d_JaffaCakes118

    • Size

      15.5MB

    • MD5

      ae299222842d2a111c0ae72456f3b45d

    • SHA1

      a2626aa68d4c91800422208fcefb1a9cf01e861f

    • SHA256

      ca4ddaab10f690f4cce426e3d8f407d9fc92da0acec637bdc13b6961410e86ba

    • SHA512

      b4a512c022ea3693f92e55fd836282352e122fcc457ecce121424e5a325c4be950b60b99b35c3007b8c4932df1935f0ecb7bee09463d91feb3bd1f0cc710dd04

    • SSDEEP

      393216:keUt7w09FM9DxyRkdHMfYppiUe30dhzk6ICi:keQh3M9dyR0sUDQGhtni

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      evasion

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks