Overview

overview

8

Static

static

6

9eff202794...18.apk

android-9-x86

8

9eff202794...18.apk

android-13-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9eff202794bab810797698060e597bb3_JaffaCakes118

  • Size

    5.9MB

  • Sample

    241126-bl3xeasrfj

  • MD5

    9eff202794bab810797698060e597bb3

  • SHA1

    fd44ce83a00f1ddcf6c9879da2d0686ced36f28e

  • SHA256

    40c21ecfe58bd9ee06dd8fa0d8d03f5a7700063e88d4067a4dd22a36da1957e3

  • SHA512

    e6c6e55acb298eabd1c60d03091c6ef8521178e41ba6beb9f0ded78b94dc70993271529491d9639835052c1bf2c49de84a34622425aeba17dbf6acef2e79936b

  • SSDEEP

    98304:POcjcu3Ng/s1FCd621aRT5JLOnbONlMM8V40ih2tU+MG/PGGi4OD2OvB9Eq33wm:PhjssDa12HPlGq0o2e+f/PGz/2OJ9E25

Score
8/10
androidcollectiondiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      9eff202794bab810797698060e597bb3_JaffaCakes118

    • Size

      5.9MB

    • MD5

      9eff202794bab810797698060e597bb3

    • SHA1

      fd44ce83a00f1ddcf6c9879da2d0686ced36f28e

    • SHA256

      40c21ecfe58bd9ee06dd8fa0d8d03f5a7700063e88d4067a4dd22a36da1957e3

    • SHA512

      e6c6e55acb298eabd1c60d03091c6ef8521178e41ba6beb9f0ded78b94dc70993271529491d9639835052c1bf2c49de84a34622425aeba17dbf6acef2e79936b

    • SSDEEP

      98304:POcjcu3Ng/s1FCd621aRT5JLOnbONlMM8V40ih2tU+MG/PGGi4OD2OvB9Eq33wm:PhjssDa12HPlGq0o2e+f/PGz/2OJ9E25

    Score
    8/10
    collectiondiscoveryevasionimpactpersistence

    • Checks if the Android device is rooted.

      evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

      discovery

    • Requests cell location

      Uses Android APIs to to get current cell location.

      collectiondiscoveryevasion

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

MITRE ATT&CK Mobile v15

Tasks