5368683dc8fc38e3596d03bb1a540abae6b5191c56d5032373fd2c80eec72f45

General

Target

66f4d6932994eefcd492b3b3a93dca9f_JaffaCakes118
Size

30.6MB
Sample

240522-mkqfgabh77
MD5

66f4d6932994eefcd492b3b3a93dca9f
SHA1

ae9fb97093ac92d5aa07836bdbcc3590fa7d304f
SHA256

5368683dc8fc38e3596d03bb1a540abae6b5191c56d5032373fd2c80eec72f45
SHA512

44406f98dbbe8ad5e2884473c2682e4c43cfde4848af7309ea011251e18cc267a456dbd8ae93e4cfda9f5db88a581d998250011b4942e23946a8a061b6574764
SSDEEP

786432:5yhyzOSkBGo9Axv//dGbz1SC4hKqtTHZzYqx3JE0cyU9tYyI:TzMBGo9AxvnYbz1n85HFj3hcy5yI

Score

8^/10

Malware Config

Targets

- Target
  
  66f4d6932994eefcd492b3b3a93dca9f_JaffaCakes118
- Size
  
  30.6MB
- MD5
  
  66f4d6932994eefcd492b3b3a93dca9f
- SHA1
  
  ae9fb97093ac92d5aa07836bdbcc3590fa7d304f
- SHA256
  
  5368683dc8fc38e3596d03bb1a540abae6b5191c56d5032373fd2c80eec72f45
- SHA512
  
  44406f98dbbe8ad5e2884473c2682e4c43cfde4848af7309ea011251e18cc267a456dbd8ae93e4cfda9f5db88a581d998250011b4942e23946a8a061b6574764
- SSDEEP
  
  786432:5yhyzOSkBGo9Axv//dGbz1SC4hKqtTHZzYqx3JE0cyU9tYyI:TzMBGo9AxvnYbz1n85HFj3hcy5yI
Score

8^/10

banker discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2