Overview

overview

8

Static

static

6

8cc22aab6b...18.apk

android-9-x86

1

8cc22aab6b...18.apk

android-13-x64

1

VqsVirtual1.apk

android-9-x86

8

VqsVirtual1.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8cc22aab6bf56b4c8befee5ef99fa55f_JaffaCakes118

  • Size

    17.2MB

  • Sample

    240812-brhhnaydpj

  • MD5

    8cc22aab6bf56b4c8befee5ef99fa55f

  • SHA1

    cd9ef23112a049d1520ceed4f94b4b4db4bdb85c

  • SHA256

    4719db61fd16329ab2a96f650498f2bcc29e838a1d7a92999e43485c50bf1fb9

  • SHA512

    9571596d2979f5bdf2bf1679eb079a01a5daa6e555fb77077d32609825382b123346fb459ba65c4ef55ac1131fef98c778161c686fede9995bf056c5747b8396

  • SSDEEP

    393216:sKON37SH9K62uMoPYwmWkFTutfwTWAEAU+xZqWm3:Ai952KPz0dywKLAU+xZ5G

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      8cc22aab6bf56b4c8befee5ef99fa55f_JaffaCakes118

    • Size

      17.2MB

    • MD5

      8cc22aab6bf56b4c8befee5ef99fa55f

    • SHA1

      cd9ef23112a049d1520ceed4f94b4b4db4bdb85c

    • SHA256

      4719db61fd16329ab2a96f650498f2bcc29e838a1d7a92999e43485c50bf1fb9

    • SHA512

      9571596d2979f5bdf2bf1679eb079a01a5daa6e555fb77077d32609825382b123346fb459ba65c4ef55ac1131fef98c778161c686fede9995bf056c5747b8396

    • SSDEEP

      393216:sKON37SH9K62uMoPYwmWkFTutfwTWAEAU+xZqWm3:Ai952KPz0dywKLAU+xZ5G

    Score
    1/10
    behavioral1behavioral2

    • Target

      VqsVirtual1.apk

    • Size

      3.0MB

    • MD5

      6bb4b69cc2285d212d93831fe52bb6f7

    • SHA1

      725bfd49a206f4d347d7105b7f278a4dc9ff5ddc

    • SHA256

      4a12517417ce94bb25090760e60a92cf88b53479281af3f4e5104e2180410986

    • SHA512

      ebc5f919b0c631eb791da1ac09c16813becac83189f67207a6d5b7d5391579799e2a17d8f6febd7b4cfc8afd798ca91a2c36cd084f93a442e88b0c9cf3b8ee18

    • SSDEEP

      98304:LRKaWLkhyUnCnMeGnzWGLATAS4V0FvFP2bwojGy3m2Iv:LIaWLOnmMeGzWG8v00hFPHojGIIv

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks