6a52d3f3172cdf0f243c451959a50baf1c546012975b093f10ebc2f963c107f4

General

Target

675a0bfbd1e3eb249af20e918560bda8_JaffaCakes118
Size

27.2MB
Sample

240522-qbty3scd54
MD5

675a0bfbd1e3eb249af20e918560bda8
SHA1

7898f2b765fafe48575bb33d190aac08b196a372
SHA256

6a52d3f3172cdf0f243c451959a50baf1c546012975b093f10ebc2f963c107f4
SHA512

d7d916ad5db13fa35f87fe36077e32bee2b7936c71aeb573240ad1903cb17499b2ddcd4b3e06dec53d0241eeac101a31d8b74391f514359874c7b9685c43d232
SSDEEP

786432:QdCyufQtAMXNk4+Xxj3tR7eLIyWCAerN12Du5juty:QdCZMXN7KxjdRZLef5jF

Score

8^/10

Malware Config

Targets

- Target
  
  675a0bfbd1e3eb249af20e918560bda8_JaffaCakes118
- Size
  
  27.2MB
- MD5
  
  675a0bfbd1e3eb249af20e918560bda8
- SHA1
  
  7898f2b765fafe48575bb33d190aac08b196a372
- SHA256
  
  6a52d3f3172cdf0f243c451959a50baf1c546012975b093f10ebc2f963c107f4
- SHA512
  
  d7d916ad5db13fa35f87fe36077e32bee2b7936c71aeb573240ad1903cb17499b2ddcd4b3e06dec53d0241eeac101a31d8b74391f514359874c7b9685c43d232
- SSDEEP
  
  786432:QdCyufQtAMXNk4+Xxj3tR7eLIyWCAerN12Du5juty:QdCZMXN7KxjdRZLef5jF
Score

8^/10

banker collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Requests cell location

Checks CPU information

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2