Overview

overview

8

Static

static

6

ce3c27f209...18.apk

android-9-x86

8

ce3c27f209...18.apk

android-10-x64

8

ce3c27f209...18.apk

android-11-x64

8

netw.apk

android-9-x86

1

netw.apk

android-10-x64

1

netw.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce3c27f2093bc7c87b267643bf530569_JaffaCakes118

  • Size

    5.2MB

  • Sample

    240906-anw17swckl

  • MD5

    ce3c27f2093bc7c87b267643bf530569

  • SHA1

    858a0434136ded6ee2cdc84f689c6ae393bcde63

  • SHA256

    35388c45bd74e105a99bf7c25a15dfd874af229d2891690c9d065945fa972a09

  • SHA512

    63981c9ea9da102ff02eced243c32addcf50e06fbe9550835f081ab0e0585158f1376d600e62c8a41596a028a47c8dbf97fbce7f890f8ef451e5230c0716fedf

  • SSDEEP

    98304:qDQTFIt1C1oWtyHKQcMYmxA/CD4fYQIugFEJGXzeXIcTxzn:qDQTq5GLyxkCD4DjgFEJGXsIIn

Score
8/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      ce3c27f2093bc7c87b267643bf530569_JaffaCakes118

    • Size

      5.2MB

    • MD5

      ce3c27f2093bc7c87b267643bf530569

    • SHA1

      858a0434136ded6ee2cdc84f689c6ae393bcde63

    • SHA256

      35388c45bd74e105a99bf7c25a15dfd874af229d2891690c9d065945fa972a09

    • SHA512

      63981c9ea9da102ff02eced243c32addcf50e06fbe9550835f081ab0e0585158f1376d600e62c8a41596a028a47c8dbf97fbce7f890f8ef451e5230c0716fedf

    • SSDEEP

      98304:qDQTFIt1C1oWtyHKQcMYmxA/CD4fYQIugFEJGXzeXIcTxzn:qDQTq5GLyxkCD4DjgFEJGXsIIn

    Score
    8/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2behavioral3

    • Target

      netw

    • Size

      71KB

    • MD5

      72d4c43cc5df5879f63035617f2165b4

    • SHA1

      f91bac0eb388142ab593910e5dc3482cbae49d10

    • SHA256

      d6dfa178fa6b4acdc383c23a5d416c59545d7cc1334fb3919bd6b883101040e7

    • SHA512

      79fcbd0c9d721f44d1b6317a02ac71c0b87f8248442c6c14f6c80fb7cf9aac2cd12cc9d3ba12e97d03d6705221a462f98d49a260da4967c4b8ef14ee634e1f4d

    • SSDEEP

      1536:2RGWE32J6V7ePV3ZESeHbiALbLrztMq2MTFL4u:kGt2J6RePVSFGGzpMEyu

    Score
    1/10
    behavioral4behavioral5behavioral6

MITRE ATT&CK Mobile v15

Tasks