a8798daa77b0f8580edb2e67cf11a2a03e153711580687a0ecfb13c4391b4872 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e438657550097343f32a7b45b163bef_JaffaCakes118
Size

30.8MB
Sample

240524-mz7nased5v
MD5

6e438657550097343f32a7b45b163bef
SHA1

2f89c75b3893be81ea7f30aeac2bcd07dd719a0a
SHA256

a8798daa77b0f8580edb2e67cf11a2a03e153711580687a0ecfb13c4391b4872
SHA512

641cbd98a730d6df795914e83c76c7ea1e9e70520e2afcb8ccbe38b9df32096b19236d2af40140cbe7fdccc1141d007d4e4971fefa19939bc101f752c167ee98
SSDEEP

786432:cty2MeXOndqtBPbajgWpt2VEzUiv5wwHdq9VeGoOgp:ctP/Xydqr2juazjvS8dqX4p

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  6e438657550097343f32a7b45b163bef_JaffaCakes118
- Size
  
  30.8MB
- MD5
  
  6e438657550097343f32a7b45b163bef
- SHA1
  
  2f89c75b3893be81ea7f30aeac2bcd07dd719a0a
- SHA256
  
  a8798daa77b0f8580edb2e67cf11a2a03e153711580687a0ecfb13c4391b4872
- SHA512
  
  641cbd98a730d6df795914e83c76c7ea1e9e70520e2afcb8ccbe38b9df32096b19236d2af40140cbe7fdccc1141d007d4e4971fefa19939bc101f752c167ee98
- SSDEEP
  
  786432:cty2MeXOndqtBPbajgWpt2VEzUiv5wwHdq9VeGoOgp:ctP/Xydqr2juazjvS8dqX4p
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence