Overview

overview

10

Static

static

10

139469bc35...18.apk

android-9-x86

1

139469bc35...18.apk

android-10-x64

1

139469bc35...18.apk

android-11-x64

1

cxt.apk

android-9-x86

6

cxt.apk

android-10-x64

7

cxt.apk

android-11-x64

7

pdfapp.apk

android-9-x86

6

pdfapp.apk

android-10-x64

7

pdfapp.apk

android-11-x64

7

websiteapp.apk

android-9-x86

6

websiteapp.apk

android-10-x64

7

websiteapp.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    139469bc35124b11ea955c4fcd577013_JaffaCakes118

  • Size

    20.4MB

  • Sample

    240728-lxheystfqe

  • MD5

    139469bc35124b11ea955c4fcd577013

  • SHA1

    246aa1fc79f0b82046b23d2ba8d1b2dd63cf3182

  • SHA256

    3463f2bf09900e924cd2dc0acb1a4ca89e37c74122425c43526dce9aa7a53b6a

  • SHA512

    6ac61abad9d2f96b9119b937f9c635305f229e22d7b90c55fd79534671e0584204d507cd139c86ab2ac6650f47dbd62596c68b6a358365f0ebcdcd518a145942

  • SSDEEP

    393216:+ZyS5xEFZ8YPOClYU6CWTjyoZcUIti3obKETR0+C79wlCaFYdLrOaVtjt7a4aOAH:+ZZ5aFZ8YPpaCWTe1gkKEt0RZvpTNtb6

Score
10/10
irataandroidcollectioncredential_accessdiscoveryimpactlinkpdfpersistence

Malware Config

Targets

    • Target

      139469bc35124b11ea955c4fcd577013_JaffaCakes118

    • Size

      20.4MB

    • MD5

      139469bc35124b11ea955c4fcd577013

    • SHA1

      246aa1fc79f0b82046b23d2ba8d1b2dd63cf3182

    • SHA256

      3463f2bf09900e924cd2dc0acb1a4ca89e37c74122425c43526dce9aa7a53b6a

    • SHA512

      6ac61abad9d2f96b9119b937f9c635305f229e22d7b90c55fd79534671e0584204d507cd139c86ab2ac6650f47dbd62596c68b6a358365f0ebcdcd518a145942

    • SSDEEP

      393216:+ZyS5xEFZ8YPOClYU6CWTjyoZcUIti3obKETR0+C79wlCaFYdLrOaVtjt7a4aOAH:+ZZ5aFZ8YPpaCWTe1gkKEt0RZvpTNtb6

    Score
    1/10
    behavioral1behavioral2behavioral3

    • Target

      cxt.tpl

    • Size

      137KB

    • MD5

      334be52bc5aeb1efc7a50524d115b414

    • SHA1

      d218e7e755247223b4d72af356795b17a690de49

    • SHA256

      9ec4d1c69e500af04448426ed0fccb5d900ff9e98fc6bfddfbe2c215851af2f7

    • SHA512

      851a2b78edbad000a98a065d7beb865c5d6ef88229bf3472b6fa3ebc069ecee0574e76090f8ae7e9a6c3cf0e186a94dc8752b21789434c368601642f9478ed55

    • SSDEEP

      3072:rUjHxICepqChUuGWhkUt06rkTJqYb0kfP4MT8dNTsSDT96hatTvLj:4jx6UMpr4qYM487YSP98WT/

    Score
    7/10
    discoverypersistencecollectioncredential_accessimpact

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery
    behavioral4behavioral5behavioral6

    • Target

      pdfapp.aspx

    • Size

      1.6MB

    • MD5

      f2d40dd7a7c77e50654a3d6246be7bb6

    • SHA1

      abf53d1f0bb63190769eab8d385a8fed759567ef

    • SHA256

      b570a95ae8eeebc81d8cb9d5780ec1a1ddf7b0cfdfe06794bb6f21d21e744aa4

    • SHA512

      78c6e74215c760b84244da4c3a1327ab10f3ad348ced598670d900f3882e3a770e7a06fb07f29a785d6a9c25f55e6340c3b510220a00912d156c3490d3c31c4a

    • SSDEEP

      24576:AeyhEbMw0LMt+vPWwD/wFkTr90TOoL2faqYtzNmjQ3km3jKlFkZB6wh5fWO3dENo:Aeyh4MtoCPu2n9xstmQ3kejoMOO362

    Score
    7/10
    discoverypersistencecollectioncredential_accessimpact

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery
    behavioral7behavioral8behavioral9

    • Target

      websiteapp.aspx

    • Size

      120KB

    • MD5

      2a09c421bdd683df5341927efbdfa9f8

    • SHA1

      a7c1219c08ce6497a4164a3906c65b86c56ab28c

    • SHA256

      304acefee76fb67e6334de086ed4cb840f7db979b4d40bc4ca5a21f23a31f9a0

    • SHA512

      9b9cfec9123b8709678c4ed59315a89fff876803078fe4f3db3f137924b84750fcd58c2775ab9c9aa408ee17729bda741c4756f1845dc7557fa7894894f24e89

    • SSDEEP

      3072:8UTayZi+qzo0uCCTyahU63D2Wn9o4vamgFI9V8fKsavJ474M:wAj0uCCTyahU3WnVymfV+KsavJ479

    Score
    7/10
    discoverypersistencecollectioncredential_accessimpact

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries the mobile country code (MCC)

      discovery
    behavioral10behavioral11behavioral12

MITRE ATT&CK Mobile v15

Tasks