Overview

overview

7

Static

static

6

46605f5891...18.apk

android-9-x86

7

lyhtgh.mn....23.apk

android-9-x86

1

lyhtgh.mn....23.apk

android-10-x64

1

lyhtgh.mn....23.apk

android-11-x64

1

unicom_resource.apk

android-9-x86

1

unicom_resource.apk

android-10-x64

1

unicom_resource.apk

android-11-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46605f58913bd5df45fe8d40f376bd69_JaffaCakes118

  • Size

    4.3MB

  • Sample

    241015-hrng8svdrr

  • MD5

    46605f58913bd5df45fe8d40f376bd69

  • SHA1

    c55da426d2e512c3abd5c82c7bcc27e70b4b188b

  • SHA256

    248977e818db08253c954ef98200f3c90360e48161a37e15541a48b49da8add7

  • SHA512

    b2f09f7952f7da0b26df2c656f87ab8bd9b5d42b74f9f3dc2e5486923100f5b383d07b8ef56c77ab80da59804aacf4d0fa9c5bc540736164ad055630c27d5488

  • SSDEEP

    98304:L3heT29ecJ7b9i7ZDkPEvO5ZD02CccplZrL327O2EjTth:L3hfeK7b9wZDqEvOEbXpT72Mj

Score
7/10
androidbankercollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      46605f58913bd5df45fe8d40f376bd69_JaffaCakes118

    • Size

      4.3MB

    • MD5

      46605f58913bd5df45fe8d40f376bd69

    • SHA1

      c55da426d2e512c3abd5c82c7bcc27e70b4b188b

    • SHA256

      248977e818db08253c954ef98200f3c90360e48161a37e15541a48b49da8add7

    • SHA512

      b2f09f7952f7da0b26df2c656f87ab8bd9b5d42b74f9f3dc2e5486923100f5b383d07b8ef56c77ab80da59804aacf4d0fa9c5bc540736164ad055630c27d5488

    • SSDEEP

      98304:L3heT29ecJ7b9i7ZDkPEvO5ZD02CccplZrL327O2EjTth:L3hfeK7b9wZDqEvOEbXpT72Mj

    Score
    7/10
    bankercollectiondiscoveryevasionimpactpersistence

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Reads the content of SMS inbox messages.

      collection

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1

    • Target

      lyhtgh.mn.ltplugin_v1023.pl

    • Size

      145KB

    • MD5

      278e8100ea1ee2c466d55451e87cef73

    • SHA1

      8347d2b269f74841ca92cef51d450ed953d73aaa

    • SHA256

      06d08532287fc6a934aba8d5a361eb83e4d7a1c8cde4f6663ab2746e4fc09a38

    • SHA512

      3e7fcf245a07ce8e03a78f75835c30e0b0f270e68987f85b92aa97f7b0894d73702ebdd80372cddea310a52624db1ccf65125399b6bf218dbd717ad053dec088

    • SSDEEP

      3072:oxUD4XoHRfdDehWRT3ZI2c9CvcLUswbaTqM2r1vjKIjCB94PXZ:h4oBda8TXc8v0UsjTQJjtCu

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      unicom_resource.dat

    • Size

      41KB

    • MD5

      1099cc55782e9dfbea4df0cc9c42e8af

    • SHA1

      c398368af914bbc35187b15201ab9b10de3f0592

    • SHA256

      7ae180774a4f784d4ebc21650295cea6269d0c4a1884a5af815930ee47553279

    • SHA512

      e6dcdac4c51042db8a91f25cf9d1461c0b4284a5138086fb3264e7090840aa6ca144f18e7bc498d0ecd1d131804193d94bdf471e8ada15f7b30b2bb8359adef8

    • SSDEEP

      768:R8gYCYCpONOKIfwiFWAkEsDVop56mAOvuGMC21q0dkHj:9PRpO4KsOOvuG3+dkD

    Score
    1/10
    behavioral5behavioral6behavioral7

MITRE ATT&CK Mobile v15

Tasks