5ee069d0ea343cdba308eb61027896236448a67d404105d817648b03a9143973 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4454911d52d3f65271fcd35b28b755df_JaffaCakes118
Size

4.2MB
Sample

240515-dtdctsef6t
MD5

4454911d52d3f65271fcd35b28b755df
SHA1

5cacec44dc10d52b2d63fc0e265a4b6b11a7fee0
SHA256

5ee069d0ea343cdba308eb61027896236448a67d404105d817648b03a9143973
SHA512

baf669580aedcc8d6d13c748195422f32075db5e38dfb035543c38953e7ad5976ab95d61829cb5b7b35e7f836fe25af90b08667f86e8024f3560af80a4dd9b4a
SSDEEP

98304:sIitnewfMQUa+61igrUkEXPEGQjRwPeIdCgKgU:KhkFbsigrDqxKP

Score

7^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  4454911d52d3f65271fcd35b28b755df_JaffaCakes118
- Size
  
  4.2MB
- MD5
  
  4454911d52d3f65271fcd35b28b755df
- SHA1
  
  5cacec44dc10d52b2d63fc0e265a4b6b11a7fee0
- SHA256
  
  5ee069d0ea343cdba308eb61027896236448a67d404105d817648b03a9143973
- SHA512
  
  baf669580aedcc8d6d13c748195422f32075db5e38dfb035543c38953e7ad5976ab95d61829cb5b7b35e7f836fe25af90b08667f86e8024f3560af80a4dd9b4a
- SSDEEP
  
  98304:sIitnewfMQUa+61igrUkEXPEGQjRwPeIdCgKgU:KhkFbsigrDqxKP
Score

7^/10

discovery evasion persistence
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence