192b40c3d71e04a7698bbe4ef6a274d9cf41de2aceccf2f5ce41ae7404d87b73

General

Target

9edc71364c80c03d102a22dc68072a37_JaffaCakes118
Size

3.4MB
Sample

241126-a3cacavmes
MD5

9edc71364c80c03d102a22dc68072a37
SHA1

6b5f0150e9e9c737a3f6ce94fcdf630a633ab666
SHA256

192b40c3d71e04a7698bbe4ef6a274d9cf41de2aceccf2f5ce41ae7404d87b73
SHA512

df6aafdb6d5074c0983c03eb0f72bfa843bdf058d4c28599f5e07bc42fc61cacd245d4d3a82654146a7a9076ddf8609effb1f0329f6ebf32144ab6e34aaddb0c
SSDEEP

98304:8hWopSUW5PXsk2arQQRCBMwEda0bKI9EC:Z5P8k2arQLBMwEw1oEC

Score

8^/10

Malware Config

Targets

- Target
  
  9edc71364c80c03d102a22dc68072a37_JaffaCakes118
- Size
  
  3.4MB
- MD5
  
  9edc71364c80c03d102a22dc68072a37
- SHA1
  
  6b5f0150e9e9c737a3f6ce94fcdf630a633ab666
- SHA256
  
  192b40c3d71e04a7698bbe4ef6a274d9cf41de2aceccf2f5ce41ae7404d87b73
- SHA512
  
  df6aafdb6d5074c0983c03eb0f72bfa843bdf058d4c28599f5e07bc42fc61cacd245d4d3a82654146a7a9076ddf8609effb1f0329f6ebf32144ab6e34aaddb0c
- SSDEEP
  
  98304:8hWopSUW5PXsk2arQQRCBMwEda0bKI9EC:Z5P8k2arQLBMwEw1oEC
Score

8^/10

banker collection credential_access discovery evasion impact persistence privilege_escalation
- Checks if the Android device is rooted.
  evasion
- Checks Android system properties for emulator presence.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
  collection evasion credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
  privilege_escalation impact
behavioral1 behavioral2 behavioral3
- Target
  
  SLSDK.apk
- Size
  
  551KB
- MD5
  
  19df8a31fb37c64cc9c3a7626c1c2a4a
- SHA1
  
  caedab35ebb979278623a49121165f2cb1962e49
- SHA256
  
  24e625ee70aee9c6c2ee08a0f83ed8f529beaed7ae8d1364f55ee7e3f1bd2137
- SHA512
  
  a3214c9d5aa5565410d39571bfe3c66ea0abf551ba66260ab1590110d4de4dd100cadca23260412c54d04c42999913178fd412c5dc24992c960768e20e0e88fa
- SSDEEP
  
  12288:kfNpcEAI9q6LHkBqgouSWYwOW4EaHZEAJJnNHPFPLfNtfaMQB+2aT:sjzAqqWsmNHFLfbfarotT
Score

1^/10
behavioral4 behavioral5 behavioral6