5a6acb720790cab1bfab11fe6ecd05f1374d9135b6d124a0225d6b65e6ebd1e3 | Triage

Sharing

General

Target

0f396cd02d10f2eaf69820cebe5b3950_JaffaCakes118
Size

13.1MB
Sample

240503-ajs4racb87
MD5

0f396cd02d10f2eaf69820cebe5b3950
SHA1

35cb9e20e85062a7dcec8776baf0233587c250ec
SHA256

5a6acb720790cab1bfab11fe6ecd05f1374d9135b6d124a0225d6b65e6ebd1e3
SHA512

58fcfece25accde877919226b5b2448a41c9b077c94e8da5c78c125f662e36072c09da0f917bcbb44aed420e4fc3351cda504cd667a3cb738e6d3bfaa9451aa8
SSDEEP

393216:s1cmE9dl2+FPV2TTVPEgkbU4qM1lmi7k1L7/p9t6b+ycFW:s1cnPpFPQV8gwnl1TA1f/x66ycA

Score

7^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  0f396cd02d10f2eaf69820cebe5b3950_JaffaCakes118
- Size
  
  13.1MB
- MD5
  
  0f396cd02d10f2eaf69820cebe5b3950
- SHA1
  
  35cb9e20e85062a7dcec8776baf0233587c250ec
- SHA256
  
  5a6acb720790cab1bfab11fe6ecd05f1374d9135b6d124a0225d6b65e6ebd1e3
- SHA512
  
  58fcfece25accde877919226b5b2448a41c9b077c94e8da5c78c125f662e36072c09da0f917bcbb44aed420e4fc3351cda504cd667a3cb738e6d3bfaa9451aa8
- SSDEEP
  
  393216:s1cmE9dl2+FPV2TTVPEgkbU4qM1lmi7k1L7/p9t6b+ycFW:s1cnPpFPQV8gwnl1TA1f/x66ycA
Score

7^/10

discovery evasion impact persistence
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence