Overview

overview

8

Static

static

6

af87e4e46b...18.apk

android-9-x86

8

af87e4e46b...18.apk

android-10-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    af87e4e46b056615beccb816d623fbff_JaffaCakes118

  • Size

    10.2MB

  • Sample

    240615-vxwr1sycqa

  • MD5

    af87e4e46b056615beccb816d623fbff

  • SHA1

    0a932b4e8fd991fe3c07e6cb5fbd9e0f132293d3

  • SHA256

    8289c7bf941e9686b1e5cc1b7ba456e8489c9457e90613c1b570244e374de8b7

  • SHA512

    37fb986b23643ec1034f8a1dbdad3ac649b3d3c45f7eb185481dbefa2a5818c8e5f0d444b8a3649156a81998a7659aedd07bbbdd6ac32874185a2cc4e6c7c874

  • SSDEEP

    196608:iQuiSEQll0/m+voL/sChqLLf6wxEOKJ7y51cRH9U1OYR/BOrBbBC6iqzI:iQeRj0/1voL/s0qf6e/51cRH9UUo/BOe

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      af87e4e46b056615beccb816d623fbff_JaffaCakes118

    • Size

      10.2MB

    • MD5

      af87e4e46b056615beccb816d623fbff

    • SHA1

      0a932b4e8fd991fe3c07e6cb5fbd9e0f132293d3

    • SHA256

      8289c7bf941e9686b1e5cc1b7ba456e8489c9457e90613c1b570244e374de8b7

    • SHA512

      37fb986b23643ec1034f8a1dbdad3ac649b3d3c45f7eb185481dbefa2a5818c8e5f0d444b8a3649156a81998a7659aedd07bbbdd6ac32874185a2cc4e6c7c874

    • SSDEEP

      196608:iQuiSEQll0/m+voL/sChqLLf6wxEOKJ7y51cRH9U1OYR/BOrBbBC6iqzI:iQeRj0/1voL/s0qf6e/51cRH9UUo/BOe

    Score
    8/10
    collectiondiscoveryevasionimpactpersistencebanker

    • Checks if the Android device is rooted.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks