5efd0bd013f31c0852621053965330aec3819ddb9915a39988bbeded91f3faf4

General

Target

a86c4620064df65b29056f4dd28bc762_JaffaCakes118
Size

14.2MB
Sample

240614-hrekbsyhnb
MD5

a86c4620064df65b29056f4dd28bc762
SHA1

8711a74026b6524f87ecaf44c6a9aee320faf685
SHA256

5efd0bd013f31c0852621053965330aec3819ddb9915a39988bbeded91f3faf4
SHA512

e6944fb5e7de52a9df3c79b43b379ab593600e2055b3b0ab63d955729e5ad5cd8515f017953cadcb16c0646a4b637df96ddf5d42ba6772adc29b6986c59f87df
SSDEEP

393216:JIJEaTeX5ij1V1o6t1wV576sYAozEBxn2t:YTe8JVK6AjBYAr8t

Score

8^/10

Malware Config

Targets

- Target
  
  a86c4620064df65b29056f4dd28bc762_JaffaCakes118
- Size
  
  14.2MB
- MD5
  
  a86c4620064df65b29056f4dd28bc762
- SHA1
  
  8711a74026b6524f87ecaf44c6a9aee320faf685
- SHA256
  
  5efd0bd013f31c0852621053965330aec3819ddb9915a39988bbeded91f3faf4
- SHA512
  
  e6944fb5e7de52a9df3c79b43b379ab593600e2055b3b0ab63d955729e5ad5cd8515f017953cadcb16c0646a4b637df96ddf5d42ba6772adc29b6986c59f87df
- SSDEEP
  
  393216:JIJEaTeX5ij1V1o6t1wV576sYAozEBxn2t:YTe8JVK6AjBYAr8t
Score

8^/10

banker collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  bdxadsdk.jar
- Size
  
  454KB
- MD5
  
  7ea83ae891bd42c7711a8131f3c503c4
- SHA1
  
  2d514aa0ef432ae6e5c4147ba9a2465da7b1e8a3
- SHA256
  
  cbaecab41760f4a7e7e7a3e815c774067476e6c17126f00d2e47046146079d56
- SHA512
  
  a44fe167926f4b05724381a87d3d3c7b2c2b5c441a62611dca58ebf3ec9d8e71680f392021036cdd54c56c2b60a461b921f5471cc6a997951019aebfc81b627b
- SSDEEP
  
  6144:9iCYTNvMUa2k7VGVCKLZ+tZBb2ONPFmpGjQkzLC3Xnks1Yn0K4UzAUxxNCbeUxhq:e8vKLZ+tROt7kdt8U3NCbBh1LaA2
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries information about running processes on the device

Requests cell location

Acquires the wake lock

Makes use of the framework's foreground persistence service

Queries information about active data network

Queries information about the current Wi-Fi connection

Reads information about phone network operator.

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4