Overview

overview

7

Static

static

6

ae6ebd9c65...18.apk

android-9-x86

7

imread.apk

android-9-x86

imread.apk

android-10-x64

imread.apk

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    ae6ebd9c6543762a2e9586ff6398fdfc_JaffaCakes118

  • Size

    31.1MB

  • Sample

    240615-pnzjnavamj

  • MD5

    ae6ebd9c6543762a2e9586ff6398fdfc

  • SHA1

    f94f849a333a66d206913e4fb7960aa3f333b0b7

  • SHA256

    c7223104cad0c47ce6654c6791261696a1a36ae8778a480c38c572dcf0912af3

  • SHA512

    595b5729d7c47a78ee3e00b2891109f42bdae8f894b589456539e2cf9188b172725ae582ede157bf57ecb60a0de5a536c01b743bae9de279a89306a60d9b2d65

  • SSDEEP

    786432:E1KsMsP6kCsgEqzDPXc4iUGe2CfLslB3dsmXpyYDx:N3pEeDPh2CWNdsqpy2

Score
7/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      ae6ebd9c6543762a2e9586ff6398fdfc_JaffaCakes118

    • Size

      31.1MB

    • MD5

      ae6ebd9c6543762a2e9586ff6398fdfc

    • SHA1

      f94f849a333a66d206913e4fb7960aa3f333b0b7

    • SHA256

      c7223104cad0c47ce6654c6791261696a1a36ae8778a480c38c572dcf0912af3

    • SHA512

      595b5729d7c47a78ee3e00b2891109f42bdae8f894b589456539e2cf9188b172725ae582ede157bf57ecb60a0de5a536c01b743bae9de279a89306a60d9b2d65

    • SSDEEP

      786432:E1KsMsP6kCsgEqzDPXc4iUGe2CfLslB3dsmXpyYDx:N3pEeDPh2CWNdsqpy2

    Score
    7/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      imread.src

    • Size

      1.1MB

    • MD5

      9f4d3771a2c8ff7e2aa14293c2bc749c

    • SHA1

      703f80a3395967f0b9b85f225530c45b68844b70

    • SHA256

      b3dccb0e7c75d018bcd905bcccf230f4a7e5e2d3679668ab9aed08106ac208af

    • SHA512

      bafdef36c8a15b8f0887cb5082bda20876cebfb71c33d7886af4382bbfc74780783f8a638b24ed5cedfe27b2762568c722a88c9d27f5a809039cb9275a6d0ede

    • SSDEEP

      24576:S2Cbe/P5Gwj9O6BFfRkQQ2vAWD6NjEp6eb8BgMAJskcke3El:S2Cqj9O6rR116NIMeb8BgMAmfj0l

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks