b952d6ee5ad854f37e3badab474b198dba49aa03c14063e17246528286352e20

General

Target

9b240f0609408876bc96a53c4e8ec566_JaffaCakes118
Size

14.3MB
Sample

240610-srwtqa1crg
MD5

9b240f0609408876bc96a53c4e8ec566
SHA1

a542b8a1ec31f5a80b7242c759c73ec347e721e7
SHA256

b952d6ee5ad854f37e3badab474b198dba49aa03c14063e17246528286352e20
SHA512

670c7b8a516086b8a03e381f59cdd80a6c0f6cd4644cd04f94cd9307893097c4579f2ac6efb3234028727487e104d351f85a12c04397d18e5c425d4642e3c275
SSDEEP

196608:29XI0hcq6QY2a5DNOO9aDpul78kn9dtDvjmA+yBLJw2RkxvMSqE8JflYlx1OLvlO:29PY24Z9a27nnLYA+kANqbJNhjuAnM

Score

8^/10

Malware Config

Targets

- Target
  
  9b240f0609408876bc96a53c4e8ec566_JaffaCakes118
- Size
  
  14.3MB
- MD5
  
  9b240f0609408876bc96a53c4e8ec566
- SHA1
  
  a542b8a1ec31f5a80b7242c759c73ec347e721e7
- SHA256
  
  b952d6ee5ad854f37e3badab474b198dba49aa03c14063e17246528286352e20
- SHA512
  
  670c7b8a516086b8a03e381f59cdd80a6c0f6cd4644cd04f94cd9307893097c4579f2ac6efb3234028727487e104d351f85a12c04397d18e5c425d4642e3c275
- SSDEEP
  
  196608:29XI0hcq6QY2a5DNOO9aDpul78kn9dtDvjmA+yBLJw2RkxvMSqE8JflYlx1OLvlO:29PY24Z9a27nnLYA+kANqbJNhjuAnM
Score

8^/10

banker collection discovery evasion impact persistence credential_access
- Checks if the Android device is rooted.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell information.
  collection discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries information about running processes on the device

Queries information about the current nearby Wi-Fi networks

Requests cell location

Requests cell location

Queries information about active data network

Queries information about the current Wi-Fi connection

Queries the mobile country code (MCC)

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2