56d17dc249dabe1340986351f636daddd96eb649e0e05f30d265d4a33e9c9246 | Triage

Submit
Reports

Overview

overview

8

Static

static

6

b741d2b674...18.apk

android-9-x86

8

b741d2b674...18.apk

android-10-x64

8

b741d2b674...18.apk

android-11-x64

8

Sharing

General

Target

b741d2b6745db00def2922e779d2b0bf_JaffaCakes118
Size

615KB
Sample

240617-hjn4sssgrp
MD5

b741d2b6745db00def2922e779d2b0bf
SHA1

1298ed5ce8e48405a9a3c566c756d7344d9e305a
SHA256

56d17dc249dabe1340986351f636daddd96eb649e0e05f30d265d4a33e9c9246
SHA512

f482276cf8a369b1110773731726601056662680f68330ec991ab3b554d6efeac5208dc6d2edf91d323a80d1ed08ca0759e4599991fbc7f42753b70dcd71e9be
SSDEEP

12288:9DrVLy7/yNALXxOUDs/Lp6uN38NDFTIKn1MQWnA+Rhffmdare:9DBLyqNALkbTh+5FTJ+REP

Score

8^/10

android banker collection credential_access discovery evasion impact persistence stealth trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b741d2b6745db00def2922e779d2b0bf_JaffaCakes118.apk

Resource

android-x86-arm-20240611.1-en

banker discovery evasion impact persistence stealth trojan

android-9-x86

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b741d2b6745db00def2922e779d2b0bf_JaffaCakes118.apk

Resource

android-x64-20240611.1-en

banker collection credential_access discovery evasion impact persistence stealth trojan

android-10-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

b741d2b6745db00def2922e779d2b0bf_JaffaCakes118.apk

Resource

android-x64-arm64-20240611.1-en

banker collection credential_access discovery evasion impact stealth trojan

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b741d2b6745db00def2922e779d2b0bf_JaffaCakes118
- Size
  
  615KB
- MD5
  
  b741d2b6745db00def2922e779d2b0bf
- SHA1
  
  1298ed5ce8e48405a9a3c566c756d7344d9e305a
- SHA256
  
  56d17dc249dabe1340986351f636daddd96eb649e0e05f30d265d4a33e9c9246
- SHA512
  
  f482276cf8a369b1110773731726601056662680f68330ec991ab3b554d6efeac5208dc6d2edf91d323a80d1ed08ca0759e4599991fbc7f42753b70dcd71e9be
- SSDEEP
  
  12288:9DrVLy7/yNALXxOUDs/Lp6uN38NDFTIKn1MQWnA+Rhffmdare:9DBLyqNALkbTh+5FTJ+REP
Score

8^/10

banker discovery evasion impact persistence stealth trojan collection credential_access
- Removes its main activity from the application launcher
  stealth trojan evasion
- Checks Android system properties for emulator presence.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerdiscoveryevasionimpactpersistencestealthtrojan

behavioral2

bankercollectioncredential_accessdiscoveryevasionimpactpersistencestealthtrojan

behavioral3

bankercollectioncredential_accessdiscoveryevasionimpactstealthtrojan

© 2018-2024

Terms | Privacy