Overview

overview

8

Static

static

6

6fb4d640fd...18.apk

android-9-x86

8

6fb4d640fd...18.apk

android-10-x64

8

6fb4d640fd...18.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6fb4d640fd9021d43d3e952be9118888_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241023-s784zszfkq

  • MD5

    6fb4d640fd9021d43d3e952be9118888

  • SHA1

    6bb5ac29eaa12991655c67c0b133f0de547b716b

  • SHA256

    0ccf9cfae60602b20c679ad8d56cc14f94ebf50aed389ef9db8a86e717ed76ea

  • SHA512

    004c3bab57a2081748ece4e0a78cab2c7cb2da4cc78f78a3dd63eb3929432233cf4843a5313d87f7504f7cd4fd80b5953e9ceb302e11b1bc954d875f498a6fcb

  • SSDEEP

    49152:+qq3L9SshzzJ+RC/nvL9OWY5Bp7UWucfj06:+qq3LnzzBvhOWgn7/u2j7

Score
8/10
androidbankercollectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      6fb4d640fd9021d43d3e952be9118888_JaffaCakes118

    • Size

      1.9MB

    • MD5

      6fb4d640fd9021d43d3e952be9118888

    • SHA1

      6bb5ac29eaa12991655c67c0b133f0de547b716b

    • SHA256

      0ccf9cfae60602b20c679ad8d56cc14f94ebf50aed389ef9db8a86e717ed76ea

    • SHA512

      004c3bab57a2081748ece4e0a78cab2c7cb2da4cc78f78a3dd63eb3929432233cf4843a5313d87f7504f7cd4fd80b5953e9ceb302e11b1bc954d875f498a6fcb

    • SSDEEP

      49152:+qq3L9SshzzJ+RC/nvL9OWY5Bp7UWucfj06:+qq3LnzzBvhOWgn7/u2j7

    Score
    8/10
    bankerdiscoveryevasionpersistencecollectioncredential_accessimpact

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks