joker | 6d0ce6305e977d28ba4e7bac35de605151a8c22968b71150459bae70ecbd58c9 | Triage

Sharing

General

Target

692cff3b40928e45c654ac9675abf3f7_JaffaCakes118
Size

24.5MB
Sample

240523-a1qpysfa8y
MD5

692cff3b40928e45c654ac9675abf3f7
SHA1

cddd223a2740ff3a23a94c4c058c88853b7d4c58
SHA256

6d0ce6305e977d28ba4e7bac35de605151a8c22968b71150459bae70ecbd58c9
SHA512

cd4c6324fbc362e3553e13138ecd045c28b9068defad47b46392c05d3ed7fba4440fed1100128f9a720093e68ad866859fa3de56a472e4dbc43b36f81f5e5f15
SSDEEP

393216:zSYKBXFNW4CX11z3fyh9z9LJfivE7aakUVfflX40SonP:OPRmbl1zqbz9ZqE2XSoCP

Score

10^/10

joker android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  692cff3b40928e45c654ac9675abf3f7_JaffaCakes118
- Size
  
  24.5MB
- MD5
  
  692cff3b40928e45c654ac9675abf3f7
- SHA1
  
  cddd223a2740ff3a23a94c4c058c88853b7d4c58
- SHA256
  
  6d0ce6305e977d28ba4e7bac35de605151a8c22968b71150459bae70ecbd58c9
- SHA512
  
  cd4c6324fbc362e3553e13138ecd045c28b9068defad47b46392c05d3ed7fba4440fed1100128f9a720093e68ad866859fa3de56a472e4dbc43b36f81f5e5f15
- SSDEEP
  
  393216:zSYKBXFNW4CX11z3fyh9z9LJfivE7aakUVfflX40SonP:OPRmbl1zqbz9ZqE2XSoCP
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence