Overview

overview

8

Static

static

6

ea71d2f079...18.apk

android-9-x86

7

ea71d2f079...18.apk

android-13-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea71d2f079ed9e14bec1ba59e30ea4b9_JaffaCakes118

  • Size

    31.1MB

  • Sample

    240919-c9nm3axapd

  • MD5

    ea71d2f079ed9e14bec1ba59e30ea4b9

  • SHA1

    20a7513263779500a7a3c8d6673464d2f986ee7e

  • SHA256

    00bc4cc6ff2837de7c3216a7812c0fca1fa73a882778acfd50b4327b58368af7

  • SHA512

    cfeec4dee7840c6a26744a5a16cdac94459f2b6ba04616e7eefe5ff13eeb8d36ee54b72e61d559189f7d032c64c47a6c3c29d86865f1f2a08baa739d79ff8384

  • SSDEEP

    786432:MmcXwPGzhed8nLFAdOzfySMhgztgXEqKdLLp6wQFcvjk20Z:9cXwuzhgSAdOzfpMS5CKdLp6wrvjk2u

Score
8/10
androidcollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      ea71d2f079ed9e14bec1ba59e30ea4b9_JaffaCakes118

    • Size

      31.1MB

    • MD5

      ea71d2f079ed9e14bec1ba59e30ea4b9

    • SHA1

      20a7513263779500a7a3c8d6673464d2f986ee7e

    • SHA256

      00bc4cc6ff2837de7c3216a7812c0fca1fa73a882778acfd50b4327b58368af7

    • SHA512

      cfeec4dee7840c6a26744a5a16cdac94459f2b6ba04616e7eefe5ff13eeb8d36ee54b72e61d559189f7d032c64c47a6c3c29d86865f1f2a08baa739d79ff8384

    • SSDEEP

      786432:MmcXwPGzhed8nLFAdOzfySMhgztgXEqKdLLp6wQFcvjk20Z:9cXwuzhgSAdOzfpMS5CKdLp6wrvjk2u

    Score
    8/10
    discoveryevasionpersistencecollectioncredential_accessimpact

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks