General

  • Target

    dc4bebb4bf388a0c3bb4f2686d681dcc_JaffaCakes118

  • Size

    31.0MB

  • Sample

    240912-psfbksvemh

  • MD5

    dc4bebb4bf388a0c3bb4f2686d681dcc

  • SHA1

    b4cfea0c3032fc47248be86a2551776ec1c2dad4

  • SHA256

    16b520dac5a65ddcc6ef62f6a2b26f99b3e87c056199b554ad64fef6aff88755

  • SHA512

    f1f84b476ef7002c1330bb1fcdd14016030a86b17cfd46e8799a86719a18a0c0ff2a89854423f188d3125f9607d55b9934436b05d9a7d09f4fba0d092bbf1fd9

  • SSDEEP

    786432:Cc6K5CpN9RzFqX5wjI54jxOgpSh+qSzFhhNU:CHRDxq38Jpvq4y

Malware Config

Targets

    • Target

      dc4bebb4bf388a0c3bb4f2686d681dcc_JaffaCakes118

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about the phone network operator

    • Target

      360sdk_1_2106.zip

    • Size

      5.6MB

    • MD5

      55ef179758e5171ea2a92dd4d11a4c9c

    • SHA1

      d83bacb584057f2c7df1cc542e32f8378c138e66

    • SHA256

      faed89c45158027242f03883a3780a908d2fe85ab8f6eeb965555dd5bd162962

    • SHA512

      62712b9057f2e7cb126be44ebc6add954146c40d285fbecee05cdd15657713f3c02038856b29f7765d0cd6b442286ab79d8c24dd6765f61c81c75a176b0e403d

    • SSDEEP

      98304:o/evivzzq2Xh2fcZYKl3BlizLVevgc93KiJX0k3FzUYv87gliVMmTbjZ71qts+eh:Gevivzz12fKBOogoVJX0Gvv87xJMheE6

    • Queries information about active data network

    • Target

      360sdk_3_1000.zip

    • Size

      1.7MB

    • MD5

      1e9aa09b41624c4ab3dfa530fd1078e9

    • SHA1

      32896aa59fd6f1509f4f46ec4eebb496658f91aa

    • SHA256

      fdd2ac00ca6342d0ad1a684ab5ff6e683b2b56891ae08e6a16578892977e50b7

    • SHA512

      9ec9ffacd3db5ab686eed1f68ea8f466030301cebb510ec3a9f3ffb6dc94277d4afba85a92bf7c3679c3fd6ecedad486fdc07adb152a77ec4ddce9dd943d40f5

    • SSDEEP

      49152:ktqW6lW3LwyQmpkUTtjB0osrxHwD7lKHN:6qW6CLwQp/TT8rx6KHN

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks