31c1b01bf5cccc0160afa4602178d2fbf6a932d9782dd1b07c2aa061058b3102

General

Target

68fa3c817ac4665da482a3e17f254843_JaffaCakes118
Size

15.9MB
Sample

240522-3axpssch34
MD5

68fa3c817ac4665da482a3e17f254843
SHA1

85c76377ab8d4e48bd7b84c5c5a79ce115565c22
SHA256

31c1b01bf5cccc0160afa4602178d2fbf6a932d9782dd1b07c2aa061058b3102
SHA512

7c21edd13c3bbcb5978f094c995cda74bcb0f1da6922892362c993f97bf04791142a6c3a81356fee08d132d5b8f52e4de428365267d9d79fbf3d74ea74e90a01
SSDEEP

393216:nrWixe2d5mwJsjFrNnTYF9czFzBARsu6umhfq:6ulbsLTtzBARsuNmVq

Score

8^/10

Malware Config

Targets

- Target
  
  68fa3c817ac4665da482a3e17f254843_JaffaCakes118
- Size
  
  15.9MB
- MD5
  
  68fa3c817ac4665da482a3e17f254843
- SHA1
  
  85c76377ab8d4e48bd7b84c5c5a79ce115565c22
- SHA256
  
  31c1b01bf5cccc0160afa4602178d2fbf6a932d9782dd1b07c2aa061058b3102
- SHA512
  
  7c21edd13c3bbcb5978f094c995cda74bcb0f1da6922892362c993f97bf04791142a6c3a81356fee08d132d5b8f52e4de428365267d9d79fbf3d74ea74e90a01
- SSDEEP
  
  393216:nrWixe2d5mwJsjFrNnTYF9czFzBARsu6umhfq:6ulbsLTtzBARsuNmVq
Score

8^/10

banker discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  BaiduBikeNavi_Resource_v5_4_1.png
- Size
  
  813KB
- MD5
  
  5771fe3659a847d9f0ad64e4cc075037
- SHA1
  
  c2aabfb31d5106d3341601427718c192d85b79ed
- SHA256
  
  8ec7d0d08741a1345b12989b483aefde552eff0d1c47e4cf71a5625322edb8fa
- SHA512
  
  c82ff14e5e67751df10941875d1209fa11dde95d63d4102d83913e92da825c2e348117cd6c060917dc64f4966f4175c0d1a3d4c315dff123a9173f85b402b78c
- SSDEEP
  
  12288:0IMofgxpV3PFWnwC7G7KZwfuhUsRyruvKz9/hQ6lQ9ACsYS4PCdmDDxp3Kw/b:0IMofgxpV3EGcyruSta9ACJHPCAX7r/b
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4