cce6f605fc415d5a5ca9c28893d06f77fd6f95b3eab232023f9215516f1108b3 | Triage

Sharing

General

Target

5d1ab6e66e1f01a74d0fc5fd8d4b4922_JaffaCakes118
Size

5.4MB
Sample

240520-eqam7sba46
MD5

5d1ab6e66e1f01a74d0fc5fd8d4b4922
SHA1

4a55a6d205bdf693907e05b78878be599acb9b13
SHA256

cce6f605fc415d5a5ca9c28893d06f77fd6f95b3eab232023f9215516f1108b3
SHA512

c825fd30a7169a8729297693579a9ae411fe458c7c9887838abd4151ebe2676c7a9d120a8a97fed188c42c1f3a3c7bd91255b6f9d3160a0058334e900068854d
SSDEEP

98304:xw2QB6wI7QErPSgmONfhtKZUw8oi29rXRrn8sB1pGf3JprYAXwDVhlN7XqJT26:xwkwOfPFtKKwNisX2s9GvYAXwZv1Xq9

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  5d1ab6e66e1f01a74d0fc5fd8d4b4922_JaffaCakes118
- Size
  
  5.4MB
- MD5
  
  5d1ab6e66e1f01a74d0fc5fd8d4b4922
- SHA1
  
  4a55a6d205bdf693907e05b78878be599acb9b13
- SHA256
  
  cce6f605fc415d5a5ca9c28893d06f77fd6f95b3eab232023f9215516f1108b3
- SHA512
  
  c825fd30a7169a8729297693579a9ae411fe458c7c9887838abd4151ebe2676c7a9d120a8a97fed188c42c1f3a3c7bd91255b6f9d3160a0058334e900068854d
- SSDEEP
  
  98304:xw2QB6wI7QErPSgmONfhtKZUw8oi29rXRrn8sB1pGf3JprYAXwDVhlN7XqJT26:xwkwOfPFtKKwNisX2s9GvYAXwZv1Xq9
Score

8^/10

persistence discovery evasion
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistence