Overview

overview

8

Static

static

6

fd8d9efb29...18.apk

android-9-x86

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    fd8d9efb29bb32abe25d81714a57d102_JaffaCakes118

  • Size

    6.2MB

  • Sample

    240929-b4b7eaveqr

  • MD5

    fd8d9efb29bb32abe25d81714a57d102

  • SHA1

    b18b71b04d2ecd52bb7a25d5d076607f625315ea

  • SHA256

    26f3f428080dbdc368a322a2cb9d3d0762f072d5b3ac01e7d2afdcb9bd7c6980

  • SHA512

    dbd8acb9bf13774309170016d84caf6b97a0622b452aa6e35c575eabc00f8f90a47d3d561313ac0bd8f8cf7ecb4b3bb71e71e0c9beaa736961f0b4ad1b4d2367

  • SSDEEP

    98304:IXJj7rAL3CWOUfQT1erNu82AhpBjHojAPy0TGybZcmuSP5zhhzxkRgalO51i:27KybUIT1erIJAhppuA51eEPVzxcNY1i

Score
8/10
androidbankerdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      fd8d9efb29bb32abe25d81714a57d102_JaffaCakes118

    • Size

      6.2MB

    • MD5

      fd8d9efb29bb32abe25d81714a57d102

    • SHA1

      b18b71b04d2ecd52bb7a25d5d076607f625315ea

    • SHA256

      26f3f428080dbdc368a322a2cb9d3d0762f072d5b3ac01e7d2afdcb9bd7c6980

    • SHA512

      dbd8acb9bf13774309170016d84caf6b97a0622b452aa6e35c575eabc00f8f90a47d3d561313ac0bd8f8cf7ecb4b3bb71e71e0c9beaa736961f0b4ad1b4d2367

    • SSDEEP

      98304:IXJj7rAL3CWOUfQT1erNu82AhpBjHojAPy0TGybZcmuSP5zhhzxkRgalO51i:27KybUIT1erIJAhppuA51eEPVzxcNY1i

    Score
    8/10
    bankerdiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks