e72806a1842aa2bf7fefdf85ef98424bca3abc462761111b902d408e347ddf1e

General

Target

68219950da4733e2b4275b81538f193d_JaffaCakes118
Size

4.0MB
Sample

240522-wm852abb7v
MD5

68219950da4733e2b4275b81538f193d
SHA1

5b062d4d60a9de5a7e1371c313775c6c68201055
SHA256

e72806a1842aa2bf7fefdf85ef98424bca3abc462761111b902d408e347ddf1e
SHA512

c9132f39025ffe748010e196f0b2536eb672d1d2f431c940850849256b0b5b517121f201528af138d8a3691e8667c19015f4a53918d996bdf7dacf4d4f29d2ef
SSDEEP

98304:Uv62m65nrzuvsA2zFcriHPdnvEPYNYndiinySdZDuruc90V9Yf:R2B5nnuR2xQqdvEPYindiZSdZD4izYf

Score

8^/10

Malware Config

Targets

- Target
  
  68219950da4733e2b4275b81538f193d_JaffaCakes118
- Size
  
  4.0MB
- MD5
  
  68219950da4733e2b4275b81538f193d
- SHA1
  
  5b062d4d60a9de5a7e1371c313775c6c68201055
- SHA256
  
  e72806a1842aa2bf7fefdf85ef98424bca3abc462761111b902d408e347ddf1e
- SHA512
  
  c9132f39025ffe748010e196f0b2536eb672d1d2f431c940850849256b0b5b517121f201528af138d8a3691e8667c19015f4a53918d996bdf7dacf4d4f29d2ef
- SSDEEP
  
  98304:Uv62m65nrzuvsA2zFcriHPdnvEPYNYndiinySdZDuruc90V9Yf:R2B5nnuR2xQqdvEPYindiZSdZD4izYf
Score

8^/10

discovery evasion persistence collection credential_access impact
- Checks if the Android device is rooted.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Checks CPU information

Checks memory information

Makes use of the framework's foreground persistence service

Obtains sensitive information copied to the device clipboard

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2