privateloader | ca22cb5feec0ca512175253051853d224e8b2059f04c48704fc0a789206d0a4f | Triage

Sharing

General

Target

244573aa476ccb224887ecc4abb3e5d5_JaffaCakes118
Size

27.4MB
Sample

240508-lp9jgaec9v
MD5

244573aa476ccb224887ecc4abb3e5d5
SHA1

16cb8115621207b82a17bff29045a0d6a8db0461
SHA256

ca22cb5feec0ca512175253051853d224e8b2059f04c48704fc0a789206d0a4f
SHA512

79eb9cabaa0d68dcf6089eaa7554940a2f482c13d012c08d5beec03c7ade0d0c8acab0a053a743a8fbbca10230ed8c1ca7dc7b510d21dc0a9cbfb5c91ef9e012
SSDEEP

786432:x/A9iVSVVdXJYYxXg1Znvoq8kULthnwAN8kQKqsUf3xD2:x/AGuJYXvoqlULth3NtQL/BC

Score

10^/10

privateloader android discovery evasion persistence

Malware Config

Targets

- Target
  
  244573aa476ccb224887ecc4abb3e5d5_JaffaCakes118
- Size
  
  27.4MB
- MD5
  
  244573aa476ccb224887ecc4abb3e5d5
- SHA1
  
  16cb8115621207b82a17bff29045a0d6a8db0461
- SHA256
  
  ca22cb5feec0ca512175253051853d224e8b2059f04c48704fc0a789206d0a4f
- SHA512
  
  79eb9cabaa0d68dcf6089eaa7554940a2f482c13d012c08d5beec03c7ade0d0c8acab0a053a743a8fbbca10230ed8c1ca7dc7b510d21dc0a9cbfb5c91ef9e012
- SSDEEP
  
  786432:x/A9iVSVVdXJYYxXg1Znvoq8kULthnwAN8kQKqsUf3xD2:x/AGuJYXvoqlULth3NtQL/BC
Score

7^/10

discovery evasion persistence
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2