62bcf1439e80b3d0eb23d44a719fec2693f4487fd57b5e25a9748e32953d3284 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd0c5ccb436e9e5bc9a8507526a1b26e_JaffaCakes118
Size

842KB
Sample

240420-slzcnabh2y
MD5

fd0c5ccb436e9e5bc9a8507526a1b26e
SHA1

c4caabb13406ce8c2a6d208d4556d8f2102f01be
SHA256

62bcf1439e80b3d0eb23d44a719fec2693f4487fd57b5e25a9748e32953d3284
SHA512

a04d69613d5a424ff2b252ecdf6e9ec0ab16efb67fa5905e8033525690b2ecf2f8d5c121d1a2c4a087424610ab33fc3fb172be201e3b79a012df1d677f5859c9
SSDEEP

12288:7s92XBoFB4WbKmrL2lNZF7mv2D34w45Xifw8uJvPP+N:7sqBoFB4W4NZF6v2D3W5Sfw8+vPP6

Score

7^/10

android evasion persistence

Malware Config

Targets

- Target
  
  fd0c5ccb436e9e5bc9a8507526a1b26e_JaffaCakes118
- Size
  
  842KB
- MD5
  
  fd0c5ccb436e9e5bc9a8507526a1b26e
- SHA1
  
  c4caabb13406ce8c2a6d208d4556d8f2102f01be
- SHA256
  
  62bcf1439e80b3d0eb23d44a719fec2693f4487fd57b5e25a9748e32953d3284
- SHA512
  
  a04d69613d5a424ff2b252ecdf6e9ec0ab16efb67fa5905e8033525690b2ecf2f8d5c121d1a2c4a087424610ab33fc3fb172be201e3b79a012df1d677f5859c9
- SSDEEP
  
  12288:7s92XBoFB4WbKmrL2lNZF7mv2D34w45Xifw8uJvPP+N:7sqBoFB4W4NZF6v2D3W5Sfw8+vPP6
Score

7^/10

evasion persistence
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

behavioral3

evasionpersistence