108c62a1ad3822a05c6483f8b129791976ff6e76bf86f2327c5d7f80a871646f

General

Target

6dad1f6455eae80229f26bf0c618b79e_JaffaCakes118
Size

24.4MB
Sample

240524-hslp2ahb8t
MD5

6dad1f6455eae80229f26bf0c618b79e
SHA1

450b25de73028d57a2af456158612d9642f12500
SHA256

108c62a1ad3822a05c6483f8b129791976ff6e76bf86f2327c5d7f80a871646f
SHA512

c8a4e977706347579115f2c9ae8d76148a054d8f18c1e25e22c6e33368528b00c0f4643f406b9702bdcd5bcf78dd046d3783481790cf5223e4092f9ce2ad815b
SSDEEP

786432:zzrGxSEFxfTqdROpum8xdWIkT+S/g9md9HiLk7:zPGxDPbsxdbY+SY0HiA7

Score

8^/10

Malware Config

Targets

- Target
  
  6dad1f6455eae80229f26bf0c618b79e_JaffaCakes118
- Size
  
  24.4MB
- MD5
  
  6dad1f6455eae80229f26bf0c618b79e
- SHA1
  
  450b25de73028d57a2af456158612d9642f12500
- SHA256
  
  108c62a1ad3822a05c6483f8b129791976ff6e76bf86f2327c5d7f80a871646f
- SHA512
  
  c8a4e977706347579115f2c9ae8d76148a054d8f18c1e25e22c6e33368528b00c0f4643f406b9702bdcd5bcf78dd046d3783481790cf5223e4092f9ce2ad815b
- SSDEEP
  
  786432:zzrGxSEFxfTqdROpum8xdWIkT+S/g9md9HiLk7:zPGxDPbsxdbY+SY0HiA7
Score

8^/10

banker collection discovery evasion execution impact persistence credential_access
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Schedules tasks to execute at a specified time
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  execution persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Obtains sensitive information copied to the device clipboard

Queries account information for other applications stored on the device

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

Schedules tasks to execute at a specified time

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2