Overview

overview

8

Static

static

6

c76066057e...18.apk

android-9-x86

8

c76066057e...18.apk

android-13-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c76066057ed6967b87a64ecf8bcf24a3_JaffaCakes118

  • Size

    18.8MB

  • Sample

    240828-wp8x2s1ckk

  • MD5

    c76066057ed6967b87a64ecf8bcf24a3

  • SHA1

    f498f649e7abdb9f4e66a5277f6e1d3f94dd1750

  • SHA256

    e72f0e9baa5af494db8cc3c60a7f238fa6235539ece6d40d806674e7d62aeb47

  • SHA512

    e86d0b60b215ad7378a41658e21a074f90f811964e3d122ee67f94c4e97c5446f4f190950142e5769af6c821e78a2ddb681b0efb94bcd5bbc36e6f0b8b0849e5

  • SSDEEP

    393216:0+hzhBiypxiyjVgjnsFRrb2IW2UTyanHAGnbe805CW7qL8+w65hZvQ1:Zzvi6xJgsvPk2UTlngGnba5/X+wY/Q1

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      c76066057ed6967b87a64ecf8bcf24a3_JaffaCakes118

    • Size

      18.8MB

    • MD5

      c76066057ed6967b87a64ecf8bcf24a3

    • SHA1

      f498f649e7abdb9f4e66a5277f6e1d3f94dd1750

    • SHA256

      e72f0e9baa5af494db8cc3c60a7f238fa6235539ece6d40d806674e7d62aeb47

    • SHA512

      e86d0b60b215ad7378a41658e21a074f90f811964e3d122ee67f94c4e97c5446f4f190950142e5769af6c821e78a2ddb681b0efb94bcd5bbc36e6f0b8b0849e5

    • SSDEEP

      393216:0+hzhBiypxiyjVgjnsFRrb2IW2UTyanHAGnbe805CW7qL8+w65hZvQ1:Zzvi6xJgsvPk2UTlngGnba5/X+wY/Q1

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell information.

      collectiondiscovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks