320d511afbcc7a35870d65bc4e5453590abfc340b5e56f839901b38b821af253

General

Target

63c241381ac7474cc47efb5cffa259af_JaffaCakes118
Size

11.3MB
Sample

240521-spj25sac6w
MD5

63c241381ac7474cc47efb5cffa259af
SHA1

3b2caed81c1d5d6a288e79083613e9db6ab4d645
SHA256

320d511afbcc7a35870d65bc4e5453590abfc340b5e56f839901b38b821af253
SHA512

e43220b89ef5bfde1e956b08c46164f02e5e0aea66ddae44e8e078a881e8c2b935f0a993cdae85e83faff10202daa0a66481f4f7f60214c73c28501ab244cbe6
SSDEEP

196608:e6XFnSguCxMn/RwgmPFOW8bPRAQEppZR3jIrOcWTZVduvCvqO44YWojivVMKi:bX4TAQZeFOW8bP/EppZVcryZUgS47mSS

Score

8^/10

Malware Config

Targets

- Target
  
  63c241381ac7474cc47efb5cffa259af_JaffaCakes118
- Size
  
  11.3MB
- MD5
  
  63c241381ac7474cc47efb5cffa259af
- SHA1
  
  3b2caed81c1d5d6a288e79083613e9db6ab4d645
- SHA256
  
  320d511afbcc7a35870d65bc4e5453590abfc340b5e56f839901b38b821af253
- SHA512
  
  e43220b89ef5bfde1e956b08c46164f02e5e0aea66ddae44e8e078a881e8c2b935f0a993cdae85e83faff10202daa0a66481f4f7f60214c73c28501ab244cbe6
- SSDEEP
  
  196608:e6XFnSguCxMn/RwgmPFOW8bPRAQEppZR3jIrOcWTZVduvCvqO44YWojivVMKi:bX4TAQZeFOW8bP/EppZVcryZUgS47mSS
Score

8^/10

banker discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Requests dangerous framework permissions
behavioral1
- Target
  
  hook_dex.jar
- Size
  
  758B
- MD5
  
  3b6e0733b8ff60ffe881aec87e3d50fe
- SHA1
  
  5073e90773998f78bcb20628c63d1a731f2ff684
- SHA256
  
  79c4d35e176c7f78e47399e0bbf0c7e3f281c2b73fbea24c5d60cdb88978f3ce
- SHA512
  
  8691cae6e0e4d688fabf1823ad1939697f13e983212c87c28deda48bae28ac493830ca8e802a92c70a2a49c3363ab86450031df6988df708038b0970da209650
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Requests dangerous framework permissions

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4