Extracted

• • Target

    57524b1d98674358db836be534373314_JaffaCakes118

  • Size

    14.4MB

  • MD5

    57524b1d98674358db836be534373314

  • SHA1

    356cb2e1a8fe715d2fa9762a5a1c6c6fb9e86ac9

  • SHA256

    34018b385afedcd07cb43ec4bdaae1f8f59efdcebd9e3d93331ba08145386af0

  • SHA512

    8ad64a72ee2a455b85e1b0599f18438853008f5f3fb7d5fbd7ff8961d6fc9766284115818f311202d55215d25aa1e3d8e4b14b3063c570151f4bf6abe502dd75

  • SSDEEP

    196608:yLE6qDQrbKrNV5IP6GS+TvXvX3SIVOPsNNk9QDFM3f5xFmcyukLLABnI2WL3POqw:gFIQr+7ulJvpisNNywu57mcJkknVcuJ

  Score

  8^/10

  bankerdiscoveryevasionimpactpersistencecollectioncredential_access

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Checks CPU information

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery

  • Checks memory information

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries information about running processes on the device

    Application may abuse the framework's APIs to collect information about running processes on the device.

    discovery

  • Queries information about the current Wi-Fi connection

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    discovery

  • Queries the mobile country code (MCC)

    discovery

  • Registers a broadcast receiver at runtime (usually for listening for system events)

    persistence

  • Checks if the internet connection is available

    discovery

  • Queries the unique device ID (IMEI, MEID, IMSI)

    discovery

  • Reads information about phone network operator.

    discovery
  behavioral1behavioral2