privateloader | 9cf542903232785e6719f05d0773b0b5a494edea45a335336a82691ce6027cbb | Triage

Sharing

General

Target

2c75049f9e6a498b23efe9c793c3d43d_JaffaCakes118
Size

18.0MB
Sample

240510-ave19sgb9s
MD5

2c75049f9e6a498b23efe9c793c3d43d
SHA1

d7d38e7bfa5ec54c739487020dd622995d3bf749
SHA256

9cf542903232785e6719f05d0773b0b5a494edea45a335336a82691ce6027cbb
SHA512

0702a4fdbd6b75ed58eba1f38e2ae040c1c5779e3339d2d6f275153d9a4744432e190af7f82057dd30e280a59c00333fa5015c904c437e5bd18cd8e5ca556c05
SSDEEP

393216:oUxn8XQ5LcpAHOu0dqtoclRm5QfIG3rDBbywfA0E+IZ:oUJRLcpAZ0weclNnJyOvE++

Score

10^/10

privateloader android discovery evasion

Malware Config

Targets

- Target
  
  2c75049f9e6a498b23efe9c793c3d43d_JaffaCakes118
- Size
  
  18.0MB
- MD5
  
  2c75049f9e6a498b23efe9c793c3d43d
- SHA1
  
  d7d38e7bfa5ec54c739487020dd622995d3bf749
- SHA256
  
  9cf542903232785e6719f05d0773b0b5a494edea45a335336a82691ce6027cbb
- SHA512
  
  0702a4fdbd6b75ed58eba1f38e2ae040c1c5779e3339d2d6f275153d9a4744432e190af7f82057dd30e280a59c00333fa5015c904c437e5bd18cd8e5ca556c05
- SSDEEP
  
  393216:oUxn8XQ5LcpAHOu0dqtoclRm5QfIG3rDBbywfA0E+IZ:oUJRLcpAZ0weclNnJyOvE++
Score

7^/10

discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2