Overview

overview

8

Static

static

6

53283a722d...18.apk

android-9-x86

8

53283a722d...18.apk

android-10-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    53283a722d9fc9e4d92c7053cd060101_JaffaCakes118

  • Size

    14.6MB

  • Sample

    241017-xfm5nasglj

  • MD5

    53283a722d9fc9e4d92c7053cd060101

  • SHA1

    9fe2ac406145458e697c0b20cbc344a5fdce9ee6

  • SHA256

    aeb9aa4bb1f223ff2564a8d004f03e4cef340af8a45e7eea291238c240a2c4a3

  • SHA512

    3f1f966acc8e68f0de3291dfd6788ded6a4fbd4d4a5d16a0792821d680e806982ebd9a9d696f5da263205b77c93936ee0201f0a06b1e3090b83c18a28b3abe45

  • SSDEEP

    393216:xKwDFzndzFnaHd2SbByWmRLvLJ8HMc1aDkuOKO:xK2FTpFIsWmR3J8sc1aDkuOj

Score
8/10
androidcollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      53283a722d9fc9e4d92c7053cd060101_JaffaCakes118

    • Size

      14.6MB

    • MD5

      53283a722d9fc9e4d92c7053cd060101

    • SHA1

      9fe2ac406145458e697c0b20cbc344a5fdce9ee6

    • SHA256

      aeb9aa4bb1f223ff2564a8d004f03e4cef340af8a45e7eea291238c240a2c4a3

    • SHA512

      3f1f966acc8e68f0de3291dfd6788ded6a4fbd4d4a5d16a0792821d680e806982ebd9a9d696f5da263205b77c93936ee0201f0a06b1e3090b83c18a28b3abe45

    • SSDEEP

      393216:xKwDFzndzFnaHd2SbByWmRLvLJ8HMc1aDkuOKO:xK2FTpFIsWmR3J8sc1aDkuOj

    Score
    8/10
    discoveryevasionexecutionimpactpersistencecollectioncredential_access

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks