c5ffd3ce6714500166a4c18dae7f28b1b1b40323ca15b8fdc4eab3f9c8e2675a

General

Target

69587d5a2a638b1e4246a3023fab823b_JaffaCakes118
Size

20.5MB
Sample

240523-b9f3jshe55
MD5

69587d5a2a638b1e4246a3023fab823b
SHA1

8952a3d4f66c17f24d589350451cd91b15cf2659
SHA256

c5ffd3ce6714500166a4c18dae7f28b1b1b40323ca15b8fdc4eab3f9c8e2675a
SHA512

3bfc7e74586a6a276f282ae4486723e38e14d6d8f54e177e9c48143e140f58b4bbadc4afddeecf5a92c25ee314316bb3a3ba07cbc57fb773995e1ba296dc574d
SSDEEP

393216:IjhkcfRKDBBaxg7X7z08z8QmFv/LvMQcgSxMji+AOXoNuyK/oDP:Ijhky8B8+vZk4qUMPAOXoQyWk

Score

8^/10

Malware Config

Targets

- Target
  
  69587d5a2a638b1e4246a3023fab823b_JaffaCakes118
- Size
  
  20.5MB
- MD5
  
  69587d5a2a638b1e4246a3023fab823b
- SHA1
  
  8952a3d4f66c17f24d589350451cd91b15cf2659
- SHA256
  
  c5ffd3ce6714500166a4c18dae7f28b1b1b40323ca15b8fdc4eab3f9c8e2675a
- SHA512
  
  3bfc7e74586a6a276f282ae4486723e38e14d6d8f54e177e9c48143e140f58b4bbadc4afddeecf5a92c25ee314316bb3a3ba07cbc57fb773995e1ba296dc574d
- SSDEEP
  
  393216:IjhkcfRKDBBaxg7X7z08z8QmFv/LvMQcgSxMji+AOXoNuyK/oDP:Ijhky8B8+vZk4qUMPAOXoQyWk
Score

8^/10

collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks Android system properties for emulator presence.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks Qemu related system properties.
  Checks for Android system properties related to Qemu for Emulator detection.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Requests cell location

Checks Android system properties for emulator presence.

Checks CPU information

Checks Qemu related system properties.

Checks memory information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2