Overview

overview

8

Static

static

6

25fe46fc18...18.apk

android-9-x86

8

25fe46fc18...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25fe46fc182a6c48c7f52fcc2b1ce5d9_JaffaCakes118

  • Size

    15.4MB

  • Sample

    240704-x8ghksvdrj

  • MD5

    25fe46fc182a6c48c7f52fcc2b1ce5d9

  • SHA1

    fb77a38a524512e34962fa04dc2ffdb094b8529e

  • SHA256

    605d2dcdea05f0d6ce55f009d676846cec92b51a5c4648692d922d51c3420c24

  • SHA512

    034de087b726f05a039ef7feb94851718c46b9c939a35bcb9e6777a7679ff43ee7671852d2e98b13646df1c1c103a017b2ad34c61d1f6c7051f9e7608f599109

  • SSDEEP

    393216:3tLoYI+Cz6Yobz937ROIM93XxR2ixkyvVGntWB+SQ:3tLoYyg9rIIM9nxJkptWBY

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      25fe46fc182a6c48c7f52fcc2b1ce5d9_JaffaCakes118

    • Size

      15.4MB

    • MD5

      25fe46fc182a6c48c7f52fcc2b1ce5d9

    • SHA1

      fb77a38a524512e34962fa04dc2ffdb094b8529e

    • SHA256

      605d2dcdea05f0d6ce55f009d676846cec92b51a5c4648692d922d51c3420c24

    • SHA512

      034de087b726f05a039ef7feb94851718c46b9c939a35bcb9e6777a7679ff43ee7671852d2e98b13646df1c1c103a017b2ad34c61d1f6c7051f9e7608f599109

    • SSDEEP

      393216:3tLoYI+Cz6Yobz937ROIM93XxR2ixkyvVGntWB+SQ:3tLoYyg9rIIM9nxJkptWBY

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads device software version

      Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks