5d54d2bb197128cad66512c5751a77cdc44d7e603f2bdabc0dec4a9da5fb1e17 | Triage

Sharing

General

Target

6e081f3c438268272da118aba7cc8f5f_JaffaCakes118
Size

25.3MB
Sample

240524-lcw3lscd6x
MD5

6e081f3c438268272da118aba7cc8f5f
SHA1

2795bb4a4e37faa518ee0fa1b814eb4bac7db180
SHA256

5d54d2bb197128cad66512c5751a77cdc44d7e603f2bdabc0dec4a9da5fb1e17
SHA512

d29a4bc7e8de4e71a17007ac649c603c4cc8ff046403a175b80a2d914db2fe303aac2cbd5a9d79adbedb8804ab7807bf95055a3c6ca145997af9bf4211287481
SSDEEP

786432:R63mYaNy9PKF3d9PFfV1lyzxRZEC2dPggphIuoBfR:e7/P4DH1MlTBQpAuolR

Score

7^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  6e081f3c438268272da118aba7cc8f5f_JaffaCakes118
- Size
  
  25.3MB
- MD5
  
  6e081f3c438268272da118aba7cc8f5f
- SHA1
  
  2795bb4a4e37faa518ee0fa1b814eb4bac7db180
- SHA256
  
  5d54d2bb197128cad66512c5751a77cdc44d7e603f2bdabc0dec4a9da5fb1e17
- SHA512
  
  d29a4bc7e8de4e71a17007ac649c603c4cc8ff046403a175b80a2d914db2fe303aac2cbd5a9d79adbedb8804ab7807bf95055a3c6ca145997af9bf4211287481
- SSDEEP
  
  786432:R63mYaNy9PKF3d9PFfV1lyzxRZEC2dPggphIuoBfR:e7/P4DH1MlTBQpAuolR
Score

7^/10

discovery evasion persistence collection credential_access impact
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpact