joker | bf41a428cdac921794a10b4e6fa97e4ea82a11f14a2c676355a06e2fa5b64d52 | Triage

Sharing

General

Target

47330efd1cb848c1090019e79b56695c_JaffaCakes118
Size

11.1MB
Sample

240515-vs5jcsbd79
MD5

47330efd1cb848c1090019e79b56695c
SHA1

1b0b767f2fa33201123da6f6ef956b4ea08dd052
SHA256

bf41a428cdac921794a10b4e6fa97e4ea82a11f14a2c676355a06e2fa5b64d52
SHA512

578403890e0096281585cbb75eff9f8971a7c045265b18a8de563504605f41f30977c260387fed733222ca2a23e12e9435a1e9923fe47525f54aa996db75127e
SSDEEP

196608:TPKtkFCoVRm+HogTlALCXQOLdT6lUTcW2+4QLK/j9SA4DgFsf4+1PAwi:TGk0krH2L5CkUTcW2+4Q+/j8fkP

Score

10^/10

joker android discovery persistence

Malware Config

Targets

- Target
  
  47330efd1cb848c1090019e79b56695c_JaffaCakes118
- Size
  
  11.1MB
- MD5
  
  47330efd1cb848c1090019e79b56695c
- SHA1
  
  1b0b767f2fa33201123da6f6ef956b4ea08dd052
- SHA256
  
  bf41a428cdac921794a10b4e6fa97e4ea82a11f14a2c676355a06e2fa5b64d52
- SHA512
  
  578403890e0096281585cbb75eff9f8971a7c045265b18a8de563504605f41f30977c260387fed733222ca2a23e12e9435a1e9923fe47525f54aa996db75127e
- SSDEEP
  
  196608:TPKtkFCoVRm+HogTlALCXQOLdT6lUTcW2+4QLK/j9SA4DgFsf4+1PAwi:TGk0krH2L5CkUTcW2+4Q+/j8fkP
Score

7^/10

persistence discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence