Overview

overview

7

Static

static

6

31060115e0...18.apk

android-9-x86

7

31060115e0...18.apk

android-10-x64

7

31060115e0...18.apk

android-11-x64

7

b.apk

android-9-x86

6

b.apk

android-10-x64

7

b.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31060115e0b126d878cc8c28ab072fa8_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241010-vrcrysxajf

  • MD5

    31060115e0b126d878cc8c28ab072fa8

  • SHA1

    f4aeec239475633000386d500f551dd1e57025b7

  • SHA256

    023ce9a368ece43992682377d3d341b75b7b54452bad1dc90419a86fd97c980f

  • SHA512

    9be7b981b20b9efd1529ee789b3f90eda6895cee4da627bb8401771a3db9979dd42f69da374bcdf7c82c1be5c04f7c494e9fa185b5730a7d77d15102fee8eb44

  • SSDEEP

    24576:+8TnIAQH318QfU3zkEriqUfgMpULJHx+zz7uHIA9giY00+QLxe99IqDAFjQGPfU3:+82lMjrOBYSU9H0zkIAChFxIVm0KC

Score
7/10
androidbankercollectioncredential_accessdiscoveryimpactpersistence

Malware Config

Targets

    • Target

      31060115e0b126d878cc8c28ab072fa8_JaffaCakes118

    • Size

      1.9MB

    • MD5

      31060115e0b126d878cc8c28ab072fa8

    • SHA1

      f4aeec239475633000386d500f551dd1e57025b7

    • SHA256

      023ce9a368ece43992682377d3d341b75b7b54452bad1dc90419a86fd97c980f

    • SHA512

      9be7b981b20b9efd1529ee789b3f90eda6895cee4da627bb8401771a3db9979dd42f69da374bcdf7c82c1be5c04f7c494e9fa185b5730a7d77d15102fee8eb44

    • SSDEEP

      24576:+8TnIAQH318QfU3zkEriqUfgMpULJHx+zz7uHIA9giY00+QLxe99IqDAFjQGPfU3:+82lMjrOBYSU9H0zkIAChFxIVm0KC

    Score
    7/10
    bankerdiscoverypersistence

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Requests dangerous framework permissions

    behavioral1behavioral2behavioral3

    • Target

      b.apk

    • Size

      982KB

    • MD5

      e6658f97192b31a14f9142cdca67f54e

    • SHA1

      900971b86950af115dd829b925fc42d51773d0b5

    • SHA256

      e2cb52fcd8a17d6854c048d44a22f28c45e2f7d20e6f2914f735c7f268988383

    • SHA512

      942d2b2f56c4dbb3acbad8176852426e3e461fe1b4e0689ec023fc8b59e4b41b674e62d11e385cf16eb6853f191589c5be71ed5750c5aff017e74b1c89f193f3

    • SSDEEP

      24576:U8TnIAQH318QfU3zkEriqUfgMpULJHx+zz7ub:U82lMjrOBYSU9H0zs

    Score
    7/10
    discoverypersistencecollectioncredential_accessimpact

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral4behavioral5behavioral6

MITRE ATT&CK Mobile v15

Tasks