0e779b2aff1137aa69764ddbe256fc55d49fa780e44c5aeafb48447ee58c83f7

General

Target

6e1cc2cb214d8548a5f545d36ad336f2_JaffaCakes118
Size

30.4MB
Sample

240524-lx173ada8w
MD5

6e1cc2cb214d8548a5f545d36ad336f2
SHA1

3d53cb927de9dc067c0e98b1ed0746d9aa8a0842
SHA256

0e779b2aff1137aa69764ddbe256fc55d49fa780e44c5aeafb48447ee58c83f7
SHA512

5afde4f0e9de90eb4f60600ef532442e1d80bbb07a3139aaec583c678064b477450eb107a659e592ec72c533bfa2f064d574c0fa3c2ed176382f40e514b2e343
SSDEEP

786432:RWuHTm7X4Tk7XUQJq7xfKy2jOkLGbN6Q7NiDxB:RWcTmDAk7EfKj6RNH7NiH

Score

8^/10

Malware Config

Targets

- Target
  
  6e1cc2cb214d8548a5f545d36ad336f2_JaffaCakes118
- Size
  
  30.4MB
- MD5
  
  6e1cc2cb214d8548a5f545d36ad336f2
- SHA1
  
  3d53cb927de9dc067c0e98b1ed0746d9aa8a0842
- SHA256
  
  0e779b2aff1137aa69764ddbe256fc55d49fa780e44c5aeafb48447ee58c83f7
- SHA512
  
  5afde4f0e9de90eb4f60600ef532442e1d80bbb07a3139aaec583c678064b477450eb107a659e592ec72c533bfa2f064d574c0fa3c2ed176382f40e514b2e343
- SSDEEP
  
  786432:RWuHTm7X4Tk7XUQJq7xfKy2jOkLGbN6Q7NiDxB:RWcTmDAk7EfKj6RNH7NiH
Score

8^/10

discovery evasion persistence collection
- Checks if the Android device is rooted.
  evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  gdtadv2.jar
- Size
  
  401KB
- MD5
  
  31aee39aa595216667e149f1a151a2ab
- SHA1
  
  701b4a1f11ed6eb42751250e86206ca8765d5410
- SHA256
  
  36bc2a92f09ab333699a22a44182b1eeb7caab4f20f90b7eb1d239d82854f0fd
- SHA512
  
  f020e1d4f2b741f057f43158d6c31d8f140642885cae82c9c70ddb47a7c50fdf419129e60ea0151b87a93739dcb6a967c1f3abdbe39d0b68483bb150ea29916e
- SSDEEP
  
  12288:PEL4FK3na8JwMzTTbG2BDMnMlr0yvAcbPQxyuS:MLt62qnkrxfuG
Score

1^/10
behavioral3

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Requests cell location

Checks CPU information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3