56502fb0bac196235620fe2a2ee21c033677662629d88e69b0ca29143e037007

General

Target

6ee851472e376cfc4ed1d3710da2af3a_JaffaCakes118
Size

21.4MB
Sample

240524-sc8vqsac37
MD5

6ee851472e376cfc4ed1d3710da2af3a
SHA1

ef6ed39f617502d8b366a7dc96fdc304bf3b1e6d
SHA256

56502fb0bac196235620fe2a2ee21c033677662629d88e69b0ca29143e037007
SHA512

87b501cf9c9c1675ec9e8f72f18ff4e3c176ed69a4ea70d0cd5fed514f0bb38158991062208f81f7822b84152c814a3a6571d9d9a810d72052a2af539b5d45bf
SSDEEP

393216:rk0RItYRgTnPL7XFFN3pGUfjeoEuGrFTihFErcHLpcWLYijNEYCglsdyZGB5J9:bCSwDTNfjvEtBYcshns8oB5r

Score

8^/10

Malware Config

Targets

- Target
  
  6ee851472e376cfc4ed1d3710da2af3a_JaffaCakes118
- Size
  
  21.4MB
- MD5
  
  6ee851472e376cfc4ed1d3710da2af3a
- SHA1
  
  ef6ed39f617502d8b366a7dc96fdc304bf3b1e6d
- SHA256
  
  56502fb0bac196235620fe2a2ee21c033677662629d88e69b0ca29143e037007
- SHA512
  
  87b501cf9c9c1675ec9e8f72f18ff4e3c176ed69a4ea70d0cd5fed514f0bb38158991062208f81f7822b84152c814a3a6571d9d9a810d72052a2af539b5d45bf
- SSDEEP
  
  393216:rk0RItYRgTnPL7XFFN3pGUfjeoEuGrFTihFErcHLpcWLYijNEYCglsdyZGB5J9:bCSwDTNfjvEtBYcshns8oB5r
Score

8^/10

banker discovery evasion impact persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  UPPayPluginEx.apk
- Size
  
  686KB
- MD5
  
  e1ef9d747ae4a0137539d64bf1b9453f
- SHA1
  
  15d64a8e9ba3bb48e362bfa3cc0426b82b7ffe7b
- SHA256
  
  7b32ddb216112893856cee4a4f615c5e072619e6f323f24b4ec84b5033b49b88
- SHA512
  
  b909a07746acd5588ca1b64a22bacad3ef06030c3688536ea9148c9f9410412e1087b8360d18baff574b4dcc0355452537d1f41a6d82f88c06b23850b5270208
- SSDEEP
  
  12288:NwGctXjqYY7Yl+BSDiWFw499SDOOHWC3fhrCib1cLbyFlm:OGctzqYY7Yl+BEiWw499SiOnvhvLE
Score

1^/10
behavioral2 behavioral3
- Target
  
  patch
- Size
  
  14KB
- MD5
  
  ddfd25a04d139dd2d6221a0d3a22a1a6
- SHA1
  
  b1d65132010f3a0aa8834716b79d265eeda883d3
- SHA256
  
  97611a4a69dd8f5728509eea59afe20e2c4e8781188590b6b484d8afb69c5960
- SHA512
  
  ab32c37edbbbfb71f34b8f623e6083968f65d53e5d45991638e667a45245d0332e83a5ec795c66682784dbe4a3018cf185b53657ab0fee38c538628d1ad9e7fe
- SSDEEP
  
  384:/QH2gVJwdJJxhrHeyeXojPUsIS+KF+/Wr3wl4uFOiZrgr3:jgzw7PhasUsnElFBZrk3
Score

1^/10
behavioral4 behavioral5 behavioral6

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Checks CPU information

Checks memory information

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries information about the current Wi-Fi connection

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6