privateloader | 1666e091ac7c4a82e3c10de78b2cac24402e0fbb52129d55a7aea0add2dc0124 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3173adb646ad6398e787c6302cdfedc5_JaffaCakes118
Size

25.9MB
Sample

240510-2vvv9shb99
MD5

3173adb646ad6398e787c6302cdfedc5
SHA1

5e5008b7c5b41a449d59c72a7a6144be4f49f31c
SHA256

1666e091ac7c4a82e3c10de78b2cac24402e0fbb52129d55a7aea0add2dc0124
SHA512

503f3c1e25e26bcdd7b69e149a87f10c536f293107a2a6b78dc14a977d3b7fb70b89b5dedfb6055988b436290afb0fa4c4d14de4eabc90232fd258566fa394dd
SSDEEP

786432:S+PPpyXJAPDpGhgJXNCJ7OVcIscNhdWW4YExsIAxOm:RpJd+gJXNCoRdWBYExsIAD

Score

10^/10

privateloader android discovery evasion persistence

Malware Config

Targets

- Target
  
  3173adb646ad6398e787c6302cdfedc5_JaffaCakes118
- Size
  
  25.9MB
- MD5
  
  3173adb646ad6398e787c6302cdfedc5
- SHA1
  
  5e5008b7c5b41a449d59c72a7a6144be4f49f31c
- SHA256
  
  1666e091ac7c4a82e3c10de78b2cac24402e0fbb52129d55a7aea0add2dc0124
- SHA512
  
  503f3c1e25e26bcdd7b69e149a87f10c536f293107a2a6b78dc14a977d3b7fb70b89b5dedfb6055988b436290afb0fa4c4d14de4eabc90232fd258566fa394dd
- SSDEEP
  
  786432:S+PPpyXJAPDpGhgJXNCJ7OVcIscNhdWW4YExsIAxOm:RpJd+gJXNCoRdWBYExsIAD
Score

7^/10

discovery evasion persistence
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasion