Overview

overview

8

Static

static

6

b0024f171e...18.apk

android-9-x86

8

b0024f171e...18.apk

android-13-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    b0024f171e83cd7557c95705523cba0d_JaffaCakes118

  • Size

    23.8MB

  • Sample

    240615-zlagvstdme

  • MD5

    b0024f171e83cd7557c95705523cba0d

  • SHA1

    1cadba3162f9c3b2b2479df38cd2eb23a5f7afb7

  • SHA256

    41997ad4f394be1cc16e9f53a9cd40764cc78ade31b386e77efee3155fea9257

  • SHA512

    7dc6ac430b81969090429d7d5c82f2ac5ae15c02c5c4739cd01435deb77e1194c46d0f52f72f1f8c9e1e54bd56788b6fa688ea9b0f83eccdf9ca1b057fed003d

  • SSDEEP

    393216:CU1QnPBo2YG2eAiSZp98G7yACIqxIqy2Gs4jpYKomdO6k3Ulwv+ktqlDwZXy2yx4:CCxIgX7yBIqZy2IpJjMr4wFSMI2yxLU

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      b0024f171e83cd7557c95705523cba0d_JaffaCakes118

    • Size

      23.8MB

    • MD5

      b0024f171e83cd7557c95705523cba0d

    • SHA1

      1cadba3162f9c3b2b2479df38cd2eb23a5f7afb7

    • SHA256

      41997ad4f394be1cc16e9f53a9cd40764cc78ade31b386e77efee3155fea9257

    • SHA512

      7dc6ac430b81969090429d7d5c82f2ac5ae15c02c5c4739cd01435deb77e1194c46d0f52f72f1f8c9e1e54bd56788b6fa688ea9b0f83eccdf9ca1b057fed003d

    • SSDEEP

      393216:CU1QnPBo2YG2eAiSZp98G7yACIqxIqy2Gs4jpYKomdO6k3Ulwv+ktqlDwZXy2yx4:CCxIgX7yBIqZy2IpJjMr4wFSMI2yxLU

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks