c8647f51668694d51bb97433cb6bf83e15ae09e1439936dff2a56e24285274f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

395e0e94fe1174d1becd324c0bbdea3e_JaffaCakes118
Size

4.6MB
Sample

240512-k9wyfacf47
MD5

395e0e94fe1174d1becd324c0bbdea3e
SHA1

9c57047e2e6b807b02283afd906c85caa50253e4
SHA256

c8647f51668694d51bb97433cb6bf83e15ae09e1439936dff2a56e24285274f7
SHA512

db85ed640f2a3542d32af25068d59c4d6b911a06471024f52a5002cc37086f8e126f165a02c9f5b7a7bc742d4f72f24c512c2e2f696b22cc5a3de51980d75354
SSDEEP

98304:pYeLd/1i589M+t9fcKhpPXsKkpCBKwMn1HXXguZUKh/Iz6weYDCn4r6De:pn/I5It9fFhhlkcBKTHjZUKV86w7w4Gq

Score

8^/10

android banker discovery evasion

Malware Config

Targets

- Target
  
  395e0e94fe1174d1becd324c0bbdea3e_JaffaCakes118
- Size
  
  4.6MB
- MD5
  
  395e0e94fe1174d1becd324c0bbdea3e
- SHA1
  
  9c57047e2e6b807b02283afd906c85caa50253e4
- SHA256
  
  c8647f51668694d51bb97433cb6bf83e15ae09e1439936dff2a56e24285274f7
- SHA512
  
  db85ed640f2a3542d32af25068d59c4d6b911a06471024f52a5002cc37086f8e126f165a02c9f5b7a7bc742d4f72f24c512c2e2f696b22cc5a3de51980d75354
- SSDEEP
  
  98304:pYeLd/1i589M+t9fcKhpPXsKkpCBKwMn1HXXguZUKh/Iz6weYDCn4r6De:pn/I5It9fFhhlkcBKTHjZUKV86w7w4Gq
Score

8^/10

banker discovery evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Software Discovery

Security Software Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryevasion