b374bb3d16222f9703444fa629db2993c815dcc1248c978704090ae6abaa1d07 | Triage

Sharing

General

Target

41847594fbb588a71d1cc0829803b7d9_JaffaCakes118
Size

4.7MB
Sample

240514-ptkmpafh33
MD5

41847594fbb588a71d1cc0829803b7d9
SHA1

a50f38fc7f07d12b4a3172beb4452d9f61858638
SHA256

b374bb3d16222f9703444fa629db2993c815dcc1248c978704090ae6abaa1d07
SHA512

86ec434450fdf1408074d8a8edaee3adebe9b972a9b9cfea598a4e1c097fb80145893a82902e2f9d67c97a02945585135eaeb86eeb8df6663da779035d387581
SSDEEP

98304:9ca6iPJQivTQsQNpmZyXkU+GhrZZhowNT4xJzNYYdPg0n6d/292Iy6GuKRTWRT8:9ca6itQQ8kU+Gh13obxJfna20H6GnRTx

Score

8^/10

android collection discovery evasion persistence

Malware Config

Targets

- Target
  
  41847594fbb588a71d1cc0829803b7d9_JaffaCakes118
- Size
  
  4.7MB
- MD5
  
  41847594fbb588a71d1cc0829803b7d9
- SHA1
  
  a50f38fc7f07d12b4a3172beb4452d9f61858638
- SHA256
  
  b374bb3d16222f9703444fa629db2993c815dcc1248c978704090ae6abaa1d07
- SHA512
  
  86ec434450fdf1408074d8a8edaee3adebe9b972a9b9cfea598a4e1c097fb80145893a82902e2f9d67c97a02945585135eaeb86eeb8df6663da779035d387581
- SSDEEP
  
  98304:9ca6iPJQivTQsQNpmZyXkU+GhrZZhowNT4xJzNYYdPg0n6d/292Iy6GuKRTWRT8:9ca6itQQ8kU+Gh13obxJfna20H6GnRTx
Score

8^/10

collection discovery evasion persistence
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral1
- Target
  
  alipay_plugin_20120428msp.apk
- Size
  
  286KB
- MD5
  
  4a89d8a1da67ffb789e71dcced41a691
- SHA1
  
  b72bc1d8920ed03c8bfcb8e431169f4508e71976
- SHA256
  
  5dab6575a279591032487cd2b8e428f7a90ac8b1fc4eacee245522feba2b2039
- SHA512
  
  a09342efcabc691c9efdf256c93e3f326d6785c7b2d6c1d4d12dfbdb676f544fcaa08ca373a550faebe3cdab2b5f82781e28cbf5f4779c3905851876eddc95d3
- SSDEEP
  
  6144:OV/Mo6jF1cM8qgmgMPE8fRsrYQ0d0ROgE8XF2Q9WDBRa/dEW7BhDJUK:OVWjFiCgxmpsrYQ0uR48XF2Q9W1R1Wlv
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Execution Guardrails

Geofencing

Credential Access

Discovery

Location Tracking

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasionpersistence

behavioral2

behavioral3

behavioral4