3ca0b749ba47acd5f2d4b1f96b68edf61b3d498f84f2dce2b4d451f4e4f3242c

General

Target

683bd545b973b7534c8472a2b378ed11_JaffaCakes118
Size

8.2MB
Sample

240522-xbac1acd73
MD5

683bd545b973b7534c8472a2b378ed11
SHA1

b71ab08231ae1f2a436cc7f4591513dc0aa7f887
SHA256

3ca0b749ba47acd5f2d4b1f96b68edf61b3d498f84f2dce2b4d451f4e4f3242c
SHA512

4a00e7ae6917b466430063c4a7cba462c01e64fce720f331dd07595fa28b994af1abb32a5b7120eed1337395a7269ebe3dc9679b273eb20eb173e74dbf8ce41a
SSDEEP

196608:7NvX0ciJ66Glzle96sTLdAjhb4pQECFwfZoT6pjJZnVg:7FX/JzvjCyUI6BJZnq

Score

8^/10

Malware Config

Targets

- Target
  
  683bd545b973b7534c8472a2b378ed11_JaffaCakes118
- Size
  
  8.2MB
- MD5
  
  683bd545b973b7534c8472a2b378ed11
- SHA1
  
  b71ab08231ae1f2a436cc7f4591513dc0aa7f887
- SHA256
  
  3ca0b749ba47acd5f2d4b1f96b68edf61b3d498f84f2dce2b4d451f4e4f3242c
- SHA512
  
  4a00e7ae6917b466430063c4a7cba462c01e64fce720f331dd07595fa28b994af1abb32a5b7120eed1337395a7269ebe3dc9679b273eb20eb173e74dbf8ce41a
- SSDEEP
  
  196608:7NvX0ciJ66Glzle96sTLdAjhb4pQECFwfZoT6pjJZnVg:7FX/JzvjCyUI6BJZnq
Score

8^/10

collection discovery evasion impact persistence credential_access
- Checks if the Android device is rooted.
  evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Requests cell location

Checks CPU information

Checks memory information

Obtains sensitive information copied to the device clipboard

Queries account information for other applications stored on the device

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Checks the presence of a debugger

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3