Overview

overview

8

Static

static

6

148b18725c...18.apk

android-9-x86

8

148b18725c...18.apk

android-10-x64

8

148b18725c...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    148b18725c4847f02f7acbfd3638032e_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241004-xhftcszgkr

  • MD5

    148b18725c4847f02f7acbfd3638032e

  • SHA1

    b3a474b01ae3bd2fb3aaa95ea7224cd77e20bab9

  • SHA256

    775603c8dce73634d44a4e4acc4c4d713e70e8243c72eb184cf016fa0b5880b3

  • SHA512

    bf2659edd7f05d2f80f3ed67e52afdc2b3d6b328fbb534737b80368cd8403c4856fe6d3241ef28d761605045c20e56891714693db006ce89b7d805a81206b5d4

  • SSDEEP

    24576:DfoL0otaYtXMPQFx71O4NcGZcv2Kn+WUjTo+4Qj8XUq/13tdHbZKm51Ob83V:sQ7YtDWccGun0j/9j8XUq/1XHNKmjbF

Score
8/10
androidbankercollectiondiscoveryevasionpersistencestealthtrojan

Malware Config

Targets

    • Target

      148b18725c4847f02f7acbfd3638032e_JaffaCakes118

    • Size

      1.3MB

    • MD5

      148b18725c4847f02f7acbfd3638032e

    • SHA1

      b3a474b01ae3bd2fb3aaa95ea7224cd77e20bab9

    • SHA256

      775603c8dce73634d44a4e4acc4c4d713e70e8243c72eb184cf016fa0b5880b3

    • SHA512

      bf2659edd7f05d2f80f3ed67e52afdc2b3d6b328fbb534737b80368cd8403c4856fe6d3241ef28d761605045c20e56891714693db006ce89b7d805a81206b5d4

    • SSDEEP

      24576:DfoL0otaYtXMPQFx71O4NcGZcv2Kn+WUjTo+4Qj8XUq/13tdHbZKm51Ob83V:sQ7YtDWccGun0j/9j8XUq/1XHNKmjbF

    Score
    8/10
    bankercollectiondiscoveryevasionpersistencestealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

      collection

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.