Overview

overview

10

Static

static

6

6ebeb85ffe...18.apk

android-9-x86

10

6ebeb85ffe...18.apk

android-10-x64

10

6ebeb85ffe...18.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ebeb85ffe32db161606a7c53722b890_JaffaCakes118

  • Size

    3.0MB

  • Sample

    241023-nx1bwazfrj

  • MD5

    6ebeb85ffe32db161606a7c53722b890

  • SHA1

    dc93b4458efebbc4a15a330840f0c92359e4de95

  • SHA256

    5ce41f4ecbfa8fa2855689ec3cfc1015ccf17f00ad28fa3bd26b4b8c86c56ad9

  • SHA512

    6c89168da5662aef9e5753f802e16791668c1820971304b349f5560e829dfec272f13eb3726a4d0c0f339579b4ca006f1d4acc904513c71da69a0a4ecf7c2c69

  • SSDEEP

    49152:92UEyQygv2WCra6iKmRxdehYOE82PNSKpekboCtEQeiem9b5oZ9kw6PZzjC:92Qgv2WSa6ir8sSb6oCN5d7Pc

Score
10/10
hydraandroidbankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      6ebeb85ffe32db161606a7c53722b890_JaffaCakes118

    • Size

      3.0MB

    • MD5

      6ebeb85ffe32db161606a7c53722b890

    • SHA1

      dc93b4458efebbc4a15a330840f0c92359e4de95

    • SHA256

      5ce41f4ecbfa8fa2855689ec3cfc1015ccf17f00ad28fa3bd26b4b8c86c56ad9

    • SHA512

      6c89168da5662aef9e5753f802e16791668c1820971304b349f5560e829dfec272f13eb3726a4d0c0f339579b4ca006f1d4acc904513c71da69a0a4ecf7c2c69

    • SSDEEP

      49152:92UEyQygv2WCra6iKmRxdehYOE82PNSKpekboCtEQeiem9b5oZ9kw6PZzjC:92Qgv2WSa6ir8sSb6oCN5d7Pc

    Score
    10/10
    hydrabankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks