0edbe81c6a93fcf518a33a134041cdd70abab96148924a7e2ed759682c6a71ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6af3544eac7d17de7062466eb6b93225_JaffaCakes118
Size

14.7MB
Sample

240523-pp7xeshf7s
MD5

6af3544eac7d17de7062466eb6b93225
SHA1

a8fc8046c3b554961d9485e5fea7800d913e00e2
SHA256

0edbe81c6a93fcf518a33a134041cdd70abab96148924a7e2ed759682c6a71ad
SHA512

25c34f07d9149f3e8def37fbd306012b70b7633575d66aceb110aae3fce2777ec8ef139545bae9fc27b0e8e8af5a7b42a1b67d3be74d78f468d4d0d6ed5de64f
SSDEEP

196608:oenAGDqTsr3yjzL6cfxfy7wDOqjK5zDzSzqzZzsPfynhrYO1SLcVivCjLqtSma4s:iCq9Ffxfy71IK5veGtASzLqM4BCRN

Score

8^/10

android collection discovery evasion persistence

Malware Config

Targets

- Target
  
  6af3544eac7d17de7062466eb6b93225_JaffaCakes118
- Size
  
  14.7MB
- MD5
  
  6af3544eac7d17de7062466eb6b93225
- SHA1
  
  a8fc8046c3b554961d9485e5fea7800d913e00e2
- SHA256
  
  0edbe81c6a93fcf518a33a134041cdd70abab96148924a7e2ed759682c6a71ad
- SHA512
  
  25c34f07d9149f3e8def37fbd306012b70b7633575d66aceb110aae3fce2777ec8ef139545bae9fc27b0e8e8af5a7b42a1b67d3be74d78f468d4d0d6ed5de64f
- SSDEEP
  
  196608:oenAGDqTsr3yjzL6cfxfy7wDOqjK5zDzSzqzZzsPfynhrYO1SLcVivCjLqtSma4s:iCq9Ffxfy71IK5veGtASzLqM4BCRN
Score

8^/10

collection discovery evasion persistence
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Execution Guardrails

Geofencing

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Location Tracking

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasionpersistence