ee9ced2c0fd002ea1a2c7de69783a6514f9d73d478901c6b3b5da65869d5c8d1

General

Target

688155558731904770da467f6863d2a8_JaffaCakes118
Size

6.2MB
Sample

240522-y58nbsfc99
MD5

688155558731904770da467f6863d2a8
SHA1

81df9aadf80b6d069e978b4b4002aecf8081cf78
SHA256

ee9ced2c0fd002ea1a2c7de69783a6514f9d73d478901c6b3b5da65869d5c8d1
SHA512

0a1f1091f4b5804667edcc410582173fb5ff5f958a7d121d7b4c59f0dd3c9d99ead3ff2e03070bf055f05322635e0d6274407d18a8ccc66b07c246f4fa6a395f
SSDEEP

98304:r0drTLhEpUcxh7EMEjze6/SzDWqy7CtyuCCW1QQDVx7efR42SUjNNkvIXkx9zf0e:rxhoze6K/Q5NpsxSUjXX4f0KB

Score

8^/10

Malware Config

Targets

- Target
  
  688155558731904770da467f6863d2a8_JaffaCakes118
- Size
  
  6.2MB
- MD5
  
  688155558731904770da467f6863d2a8
- SHA1
  
  81df9aadf80b6d069e978b4b4002aecf8081cf78
- SHA256
  
  ee9ced2c0fd002ea1a2c7de69783a6514f9d73d478901c6b3b5da65869d5c8d1
- SHA512
  
  0a1f1091f4b5804667edcc410582173fb5ff5f958a7d121d7b4c59f0dd3c9d99ead3ff2e03070bf055f05322635e0d6274407d18a8ccc66b07c246f4fa6a395f
- SSDEEP
  
  98304:r0drTLhEpUcxh7EMEjze6/SzDWqy7CtyuCCW1QQDVx7efR42SUjNNkvIXkx9zf0e:rxhoze6K/Q5NpsxSUjXX4f0KB
Score

8^/10

discovery evasion execution persistence stealth trojan collection credential_access impact
- Checks if the Android device is rooted.
  evasion
- Removes its main activity from the application launcher
  stealth trojan evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Schedules tasks to execute at a specified time
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  execution persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Removes its main activity from the application launcher

Checks CPU information

Checks memory information

Obtains sensitive information copied to the device clipboard

Queries information about running processes on the device

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Checks if the internet connection is available

Reads information about phone network operator.

Schedules tasks to execute at a specified time

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3