Overview

overview

7

Static

static

6

afc1fb5248...18.apk

android-9-x86

7

sdk_wukong.apk

android-9-x86

1

sdk_wukong.apk

android-10-x64

1

sdk_wukong.apk

android-11-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    afc1fb52480204bb0658c1fb3e6c167d_JaffaCakes118

  • Size

    26.8MB

  • Sample

    240615-wzqt8atgnp

  • MD5

    afc1fb52480204bb0658c1fb3e6c167d

  • SHA1

    46853a908ef4bd4082558c31268cbb04417a0d00

  • SHA256

    1571b0a4d40aed75b989856b3ef632ba71a59d9c02efe840de4c40d9df6508f0

  • SHA512

    7ff09b3012f1ca46f6f3b736c1c182660e652113ade288c1b07a1e899176f5291da4381eab4f399b12d54436e51445c6aab0154911b56cf36659a7aa7b9140b2

  • SSDEEP

    393216:UJIKz1uRMU8GWbqH7C5bkY1rNMSsBGv4tJInTSn8gRagr6yVy+MFj/GH9XP4wqCU:ASkF48JrsGgtW+EurWGdXAJWDEg/FC5

Score
7/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      afc1fb52480204bb0658c1fb3e6c167d_JaffaCakes118

    • Size

      26.8MB

    • MD5

      afc1fb52480204bb0658c1fb3e6c167d

    • SHA1

      46853a908ef4bd4082558c31268cbb04417a0d00

    • SHA256

      1571b0a4d40aed75b989856b3ef632ba71a59d9c02efe840de4c40d9df6508f0

    • SHA512

      7ff09b3012f1ca46f6f3b736c1c182660e652113ade288c1b07a1e899176f5291da4381eab4f399b12d54436e51445c6aab0154911b56cf36659a7aa7b9140b2

    • SSDEEP

      393216:UJIKz1uRMU8GWbqH7C5bkY1rNMSsBGv4tJInTSn8gRagr6yVy+MFj/GH9XP4wqCU:ASkF48JrsGgtW+EurWGdXAJWDEg/FC5

    Score
    7/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      evasion
    behavioral1

    • Target

      sdk_wukong.zip

    • Size

      7.4MB

    • MD5

      64af5ec8925538d327becb54014b0b2f

    • SHA1

      97d34905d8b76a826ec379da0950458bdb50f0ea

    • SHA256

      5582e18a8ddcc031942ffac15249c4d9d5992ee8e5e71ba6192164b8ab696811

    • SHA512

      2f55ab2a287c4c8d0961379146ca9097489ac0e4a860c8a57f62faabaf9c7aac570eaefe3e2a87eea283c5b4513c44aec15d836e7e4ae746ab8c19fa7f49e896

    • SSDEEP

      196608:RCy+ekHJbkY1rS3l2kmY7+sTdKcAZvwJO8q:RC5bkY1rNMSsBGv7

    Score
    1/10
    behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks