80c33080af032395fa2408385aa4955d393ac5aaa5c93014b65617168a0bf58a

General

Target

697e138ac623994a29243ae05bb7ec9a_JaffaCakes118
Size

27.6MB
Sample

240523-c9w97sbd28
MD5

697e138ac623994a29243ae05bb7ec9a
SHA1

0e305f940e0a51b7ccfc88a573fe6d409e685896
SHA256

80c33080af032395fa2408385aa4955d393ac5aaa5c93014b65617168a0bf58a
SHA512

d4a193aa7ccd3d244ae6bb0b13c178beb8d93022aca88d264757ccd4a0c39fa8b940712b2dfb58c8a19ec4de3751fd547ce2915af646287ef5d02db8c9c2b66f
SSDEEP

786432:ET5XzxIIPi/dr3NVORp3PzYGxMQWUO6MmbEpy:ET5XmierdkR1PUGqQWpy

Score

8^/10

Malware Config

Targets

- Target
  
  697e138ac623994a29243ae05bb7ec9a_JaffaCakes118
- Size
  
  27.6MB
- MD5
  
  697e138ac623994a29243ae05bb7ec9a
- SHA1
  
  0e305f940e0a51b7ccfc88a573fe6d409e685896
- SHA256
  
  80c33080af032395fa2408385aa4955d393ac5aaa5c93014b65617168a0bf58a
- SHA512
  
  d4a193aa7ccd3d244ae6bb0b13c178beb8d93022aca88d264757ccd4a0c39fa8b940712b2dfb58c8a19ec4de3751fd547ce2915af646287ef5d02db8c9c2b66f
- SSDEEP
  
  786432:ET5XzxIIPi/dr3NVORp3PzYGxMQWUO6MmbEpy:ET5XmierdkR1PUGqQWpy
Score

8^/10

collection discovery evasion impact persistence credential_access
- Checks if the Android device is rooted.
  evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks Android system properties for emulator presence.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Requests cell location

Checks Android system properties for emulator presence.

Checks CPU information

Checks memory information

Obtains sensitive information copied to the device clipboard

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2