Overview

overview

10

Static

static

6

dcbe8909eb...18.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dcbe8909eb8a93aa58c61f895e90231b_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240912-wege2swdrl

  • MD5

    dcbe8909eb8a93aa58c61f895e90231b

  • SHA1

    440d12b7c9b17561341edf632946265f56614c0b

  • SHA256

    a9414523792bdacfacb4ab5d71b5b0a7d5ee2b30ea7cc87b64cdc6b8ac33c060

  • SHA512

    7c033b105290cfc0d9dea966749ed7c715c12e9d516deb0f146bbae88142976123a4c2a889dd45d66e89a231a31456be9b7c6afd6642a6554a9da7f1333fc330

  • SSDEEP

    98304:f3MmmTh4BL7rhBJRu9B+B0xfubCavVQram5/6zswquACYuzQJWd:kmq4p7NscB02CavVQraK/nwqnMr

Score
10/10
badmirrorandroidbankercollectiondiscoveryevasioninfostealerrattrojan

Malware Config

Targets

    • Target

      dcbe8909eb8a93aa58c61f895e90231b_JaffaCakes118

    • Size

      4.0MB

    • MD5

      dcbe8909eb8a93aa58c61f895e90231b

    • SHA1

      440d12b7c9b17561341edf632946265f56614c0b

    • SHA256

      a9414523792bdacfacb4ab5d71b5b0a7d5ee2b30ea7cc87b64cdc6b8ac33c060

    • SHA512

      7c033b105290cfc0d9dea966749ed7c715c12e9d516deb0f146bbae88142976123a4c2a889dd45d66e89a231a31456be9b7c6afd6642a6554a9da7f1333fc330

    • SSDEEP

      98304:f3MmmTh4BL7rhBJRu9B+B0xfubCavVQram5/6zswquACYuzQJWd:kmq4p7NscB02CavVQraK/nwqnMr

    Score
    10/10
    badmirrorbankercollectiondiscoveryevasioninfostealerrattrojan

    • BadMirror

      BadMirror is an Android infostealer first seen in March 2016.

      trojaninfostealerratbadmirror

    • BadMirror payload

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Reads the content of SMS inbox messages.

      collection

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

MITRE ATT&CK Mobile v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.