c72748388024bc9b58ecdcef039618b8ea08494d5985c46417080d9e60dd9382

Sharing

Copy URL

Twitter E-mail

General

Target

7d549d3b29ee96b3582b050a13f8d8b2_JaffaCakes118
Size

25.2MB
Sample

240528-r2pmqahc3v
MD5

7d549d3b29ee96b3582b050a13f8d8b2
SHA1

4c6bb894ae953cb8a5718bd9183b8cea5458f732
SHA256

c72748388024bc9b58ecdcef039618b8ea08494d5985c46417080d9e60dd9382
SHA512

a993ddf08e7d18aebaf3e3dd435972e4bc4f6e3b7d4fbb90d8fb4327622f8f8b0f97048fe8b57a36ec669121d02e34e2a3b23abe9a26f04ef0f6a3172b01d0d2
SSDEEP

786432:0RtofUF3TJ4Jv0JotT0OC8o201Y1fpR5q2Vr1:07oMF3GJsJ2T09t8TAM

Score

8^/10

Malware Config

Targets

- Target
  
  7d549d3b29ee96b3582b050a13f8d8b2_JaffaCakes118
- Size
  
  25.2MB
- MD5
  
  7d549d3b29ee96b3582b050a13f8d8b2
- SHA1
  
  4c6bb894ae953cb8a5718bd9183b8cea5458f732
- SHA256
  
  c72748388024bc9b58ecdcef039618b8ea08494d5985c46417080d9e60dd9382
- SHA512
  
  a993ddf08e7d18aebaf3e3dd435972e4bc4f6e3b7d4fbb90d8fb4327622f8f8b0f97048fe8b57a36ec669121d02e34e2a3b23abe9a26f04ef0f6a3172b01d0d2
- SSDEEP
  
  786432:0RtofUF3TJ4Jv0JotT0OC8o201Y1fpR5q2Vr1:07oMF3GJsJ2T09t8TAM
Score

8^/10

collection discovery evasion execution persistence credential_access impact
- Checks if the Android device is rooted.
  evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Schedules tasks to execute at a specified time
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  execution persistence
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2
- Target
  
  MacroDroidSystemHelper.apk
- Size
  
  308KB
- MD5
  
  d2c8fdd0212f24ac2fdd5781b9744f21
- SHA1
  
  a6be4ef5fa28df30d3f8d6efd8adb062ec712ad5
- SHA256
  
  56c23a6fd5b72cfce11ff445d8470de888bec9f07dc7a5110ee825047001d78e
- SHA512
  
  1c6b61cf7134b550c7da7430816e3950545c9af9de1d521954b35872563502201871e48ec90383d8832e37bd4baf6f4268bd3174aae12ab47b7fda552da31221
- SSDEEP
  
  6144:5epAtzqrBk+7p5ZbT66t6IuM3IjCsrgkJPKiZ1w3LKVLDXgSdB1xy:9Mz7p55o4MwkJyi7iLKJxDny
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  MacroDroidSystemHelper.apk
- Size
  
  152KB
- MD5
  
  ac35cf6e88610191f73e77520a42d233
- SHA1
  
  17d8c477029bae86d4314fddc2e4aeeb8ee68fae
- SHA256
  
  3d3b532bbea1db2ef2926dcfccd787d327fe099a26f7a0b8a7c5d5ea157f210d
- SHA512
  
  72db045244b366dfe06b2e821be63346be04eae132bc6b61b218d9fb3c06a80585dd6dee43aab60b5ab7a475bc692f6a20936410ee23c39620409a08a5bf7efe
- SSDEEP
  
  3072:Io3PWpRfELU2zvqrMCD4+xjdp5ZcoT6lst6zwSAuUpcbRiLIxpCsY:depAtzqrBk+7p5ZbT66t6IuM3IjCsY
Score

1^/10
behavioral6 behavioral7 behavioral8