Overview

overview

7

Static

static

6

08d9508e02...18.apk

android-9-x86

7

AlipayMSP0...24.apk

android-9-x86

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    08d9508e0200b6242aa5f9af84847462_JaffaCakes118

  • Size

    10.3MB

  • Sample

    241002-exgp4awhrr

  • MD5

    08d9508e0200b6242aa5f9af84847462

  • SHA1

    0e38f822a8405d4303e2a877d25cc603283fdf04

  • SHA256

    e7b498d9a295909c05c0f3a25c13df27e9f619af5824b32f285ac11cbd1e0a5f

  • SHA512

    3f7eb76f94a98a21d66ddfbe3489dc0eebc4f4a2e15ecceed8cdabd1f19368fe48649db6367d1bb925c2f7d782cd53c60eea11b2aa56f72dca48a38478c6da17

  • SSDEEP

    196608:xLgBajrQtenvv9eGhsiuSm5lq4c4dVnzeEQo1koegrtU9:nX8AHuq4c4XSnYk5gr29

Score
7/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      08d9508e0200b6242aa5f9af84847462_JaffaCakes118

    • Size

      10.3MB

    • MD5

      08d9508e0200b6242aa5f9af84847462

    • SHA1

      0e38f822a8405d4303e2a877d25cc603283fdf04

    • SHA256

      e7b498d9a295909c05c0f3a25c13df27e9f619af5824b32f285ac11cbd1e0a5f

    • SHA512

      3f7eb76f94a98a21d66ddfbe3489dc0eebc4f4a2e15ecceed8cdabd1f19368fe48649db6367d1bb925c2f7d782cd53c60eea11b2aa56f72dca48a38478c6da17

    • SSDEEP

      196608:xLgBajrQtenvv9eGhsiuSm5lq4c4dVnzeEQo1koegrtU9:nX8AHuq4c4XSnYk5gr29

    Score
    7/10
    collectiondiscoveryevasionimpactpersistence

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1

    • Target

      AlipayMSP090_PPTV_V3.5.2.0424.apk

    • Size

      350KB

    • MD5

      4299fba05928ff389bbd58a235f74c86

    • SHA1

      c4ddad6c8872985bb2f50b94aa87046778034faa

    • SHA256

      a125388128d681bc47d00bdf2df30b20a12d187681db593c508126af472eda24

    • SHA512

      05c4c4b8072a718998072d5442efcb6ae817217478e3cd485e5d80c674d0081dc72561df7726985036746a7fe044153f8ec3faf9add3498bc49e3a71e650a112

    • SSDEEP

      6144:QfJiREH0/sEGId2fuRmlxLwEd0r2sfS4QlV7G8v9oKvFuQL2bBV2fnbJk:QfJisFEGc2yms5a4QlV7G8Ge62fnbu

    Score
    7/10
    collectiondiscoveryevasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery
    behavioral2

MITRE ATT&CK Mobile v15

Tasks