5a36d7174b7a31711b9826f06663c33961ea330753dfcb6f86cb1e07bf88549d

General

Target

0145a4e7d2e778c47a6bcb8800c5c792_JaffaCakes118
Size

10.7MB
Sample

240426-vwv44agd62
MD5

0145a4e7d2e778c47a6bcb8800c5c792
SHA1

515d57f39c8be8a9598197746edeb5fec1636981
SHA256

5a36d7174b7a31711b9826f06663c33961ea330753dfcb6f86cb1e07bf88549d
SHA512

f8931741f68e55f98443f17ed29981680cfa5eebbf4e03390e2fcb862e9e512d1a306c86b2708ce436c97b58e2ab76723599fef8e62f8de4530a3b9419d84c32
SSDEEP

196608:kGcXh8KlZY7jQzz/yO5rDTpskXjg0+dQEPB8AVcLhDYg/c0NHrBbhARuTbkZaZ6i:T6l7/ycrDTukXjg0RS+FYQF/ARuvjvVl

Score

7^/10

Malware Config

Targets

- Target
  
  0145a4e7d2e778c47a6bcb8800c5c792_JaffaCakes118
- Size
  
  10.7MB
- MD5
  
  0145a4e7d2e778c47a6bcb8800c5c792
- SHA1
  
  515d57f39c8be8a9598197746edeb5fec1636981
- SHA256
  
  5a36d7174b7a31711b9826f06663c33961ea330753dfcb6f86cb1e07bf88549d
- SHA512
  
  f8931741f68e55f98443f17ed29981680cfa5eebbf4e03390e2fcb862e9e512d1a306c86b2708ce436c97b58e2ab76723599fef8e62f8de4530a3b9419d84c32
- SSDEEP
  
  196608:kGcXh8KlZY7jQzz/yO5rDTpskXjg0+dQEPB8AVcLhDYg/c0NHrBbhARuTbkZaZ6i:T6l7/ycrDTukXjg0RS+FYQF/ARuvjvVl
Score

7^/10

collection discovery evasion impact persistence credential_access
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Checks the presence of a debugger
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Obtains sensitive information copied to the device clipboard

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Checks if the internet connection is available

Requests cell location

Checks the presence of a debugger

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3