06e414204a6e0aabc29176f2a52165ff84eaefff5cd5ea7862335448d3c73a0b

General

Target

6a394abb05e1bd308947dddc03cc3701_JaffaCakes118
Size

23.1MB
Sample

240523-jjj1hshh2s
MD5

6a394abb05e1bd308947dddc03cc3701
SHA1

cf55597cbbef3c5dba2bfb78e243fbd8d193d0ba
SHA256

06e414204a6e0aabc29176f2a52165ff84eaefff5cd5ea7862335448d3c73a0b
SHA512

3c4b0800090df396b6964d7b61889884e4c584db71a2f76fc3ef29b63aa00c4339affd11bbfc66dbc065f01741c4fba1e5fc64061c50c40e5919ffa0887d7a4d
SSDEEP

393216:pMYcPvCJQRdWrn6I8WQId1zeZCLVHDKqAMfGz9WMa4zHRdDGhMK08NMJ1MxwlrkW:WtP6Ml4+CUqAMfGz9+uqhM1SMJ1Myx/

Score

8^/10

Malware Config

Targets

- Target
  
  6a394abb05e1bd308947dddc03cc3701_JaffaCakes118
- Size
  
  23.1MB
- MD5
  
  6a394abb05e1bd308947dddc03cc3701
- SHA1
  
  cf55597cbbef3c5dba2bfb78e243fbd8d193d0ba
- SHA256
  
  06e414204a6e0aabc29176f2a52165ff84eaefff5cd5ea7862335448d3c73a0b
- SHA512
  
  3c4b0800090df396b6964d7b61889884e4c584db71a2f76fc3ef29b63aa00c4339affd11bbfc66dbc065f01741c4fba1e5fc64061c50c40e5919ffa0887d7a4d
- SSDEEP
  
  393216:pMYcPvCJQRdWrn6I8WQId1zeZCLVHDKqAMfGz9WMa4zHRdDGhMK08NMJ1MxwlrkW:WtP6Ml4+CUqAMfGz9+uqhM1SMJ1Myx/
Score

8^/10

collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Requests cell location

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2