cd4786950fae0716a406ae5f9fdaaa6f49dd41c6c799799639eff3ba9e082c20 | Triage

Sharing

General

Target

63b37e63f437d66cad97d9a4aef0fc6d_JaffaCakes118
Size

10.7MB
Sample

240521-sbk3aahg48
MD5

63b37e63f437d66cad97d9a4aef0fc6d
SHA1

467d8f8cd608b695e8c74874b6070111867b6e85
SHA256

cd4786950fae0716a406ae5f9fdaaa6f49dd41c6c799799639eff3ba9e082c20
SHA512

35c5735ed9f9cb355ed8b9f59603f21b426bd474bff0d2f9c2973d3ef823ba9e8b6109c2aaab662786ad4321285794ee9a8f8f35a0d24b657dc26cdec433fb35
SSDEEP

196608:e8H+0ocTkxAI12tWwN5AsG1LYBPD2mcAISI+lQgn9rIty+tqA5vw3eMX/0DOvkPG:e8H+tcTkSpWkisG1LAPymnTI+lnqtyPZ

Score

7^/10

android discovery evasion

Malware Config

Targets

- Target
  
  63b37e63f437d66cad97d9a4aef0fc6d_JaffaCakes118
- Size
  
  10.7MB
- MD5
  
  63b37e63f437d66cad97d9a4aef0fc6d
- SHA1
  
  467d8f8cd608b695e8c74874b6070111867b6e85
- SHA256
  
  cd4786950fae0716a406ae5f9fdaaa6f49dd41c6c799799639eff3ba9e082c20
- SHA512
  
  35c5735ed9f9cb355ed8b9f59603f21b426bd474bff0d2f9c2973d3ef823ba9e8b6109c2aaab662786ad4321285794ee9a8f8f35a0d24b657dc26cdec433fb35
- SSDEEP
  
  196608:e8H+0ocTkxAI12tWwN5AsG1LYBPD2mcAISI+lQgn9rIty+tqA5vw3eMX/0DOvkPG:e8H+tcTkSpWkisG1LAPymnTI+lnqtyPZ
Score

7^/10

discovery evasion
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion