Overview

overview

10

Static

static

6

JaffaCakes...6f.apk

android-9-x86

10

JaffaCakes...6f.apk

android-10-x64

10

JaffaCakes...6f.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3cff863140899a34e805a0b77636e66f

  • Size

    3.3MB

  • Sample

    250106-1xzfsszkh1

  • MD5

    3cff863140899a34e805a0b77636e66f

  • SHA1

    ffde6e6db81a2d0af4a10a2d5d7adaaa067b2f0b

  • SHA256

    2d0b157e27359bc36c31e3c3ef891964bc98b2cb66c4f95c2ffc4af7d3477e30

  • SHA512

    a2e624c1f4f8f3b02be21afc008788c8c8eaa7356d510c1087921a3e239ddc42ad74dd2e9a1e6e472ef940d9d0c246d3e918a1256801be537d75599bff301e30

  • SSDEEP

    98304:fmMgNNnRoZUqIUwy/FpF/R8I8evrXvUvkjmrsb3W3x:fmMgN5Ro+qIny/j8IrirW3K

Score
10/10
hydraandroidbankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      JaffaCakes118_3cff863140899a34e805a0b77636e66f

    • Size

      3.3MB

    • MD5

      3cff863140899a34e805a0b77636e66f

    • SHA1

      ffde6e6db81a2d0af4a10a2d5d7adaaa067b2f0b

    • SHA256

      2d0b157e27359bc36c31e3c3ef891964bc98b2cb66c4f95c2ffc4af7d3477e30

    • SHA512

      a2e624c1f4f8f3b02be21afc008788c8c8eaa7356d510c1087921a3e239ddc42ad74dd2e9a1e6e472ef940d9d0c246d3e918a1256801be537d75599bff301e30

    • SSDEEP

      98304:fmMgNNnRoZUqIUwy/FpF/R8I8evrXvUvkjmrsb3W3x:fmMgN5Ro+qIny/j8IrirW3K

    Score
    10/10
    hydrabankercollectioncredential_accessdiscoveryevasioninfostealerpersistencetrojan

    • Hydra

      Android banker and info stealer.

      bankertrojaninfostealerhydra

    • Hydra family

      hydra

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks