e0ce8913c9a34f650dd7e3ae8283824168eb8933c7cc292924481b8a5cb4fa2d | Triage

Sharing

General

Target

6fc2f0fcc7fd4b7da84a858739a72c9e_JaffaCakes118
Size

15.8MB
Sample

240524-zbr9xsae26
MD5

6fc2f0fcc7fd4b7da84a858739a72c9e
SHA1

c24997b1d0b67705470cf94625e77f9ddcb80e23
SHA256

e0ce8913c9a34f650dd7e3ae8283824168eb8933c7cc292924481b8a5cb4fa2d
SHA512

bb4801eecf5ab573fbb5ce26c895f5282721598bf940cdd0ee87b25c047be3c3fb4e9d6af3593f9e71af0a2ab5903507ff9b69ca0b2e815895414552346c7c37
SSDEEP

393216:EH8usJwXG8CYyD/o5OmEb+Z1vYQOCZZtzzm:nusJw289yDRb+7YkZXzm

Score

8^/10

android banker discovery evasion persistence

Malware Config

Targets

- Target
  
  6fc2f0fcc7fd4b7da84a858739a72c9e_JaffaCakes118
- Size
  
  15.8MB
- MD5
  
  6fc2f0fcc7fd4b7da84a858739a72c9e
- SHA1
  
  c24997b1d0b67705470cf94625e77f9ddcb80e23
- SHA256
  
  e0ce8913c9a34f650dd7e3ae8283824168eb8933c7cc292924481b8a5cb4fa2d
- SHA512
  
  bb4801eecf5ab573fbb5ce26c895f5282721598bf940cdd0ee87b25c047be3c3fb4e9d6af3593f9e71af0a2ab5903507ff9b69ca0b2e815895414552346c7c37
- SSDEEP
  
  393216:EH8usJwXG8CYyD/o5OmEb+Z1vYQOCZZtzzm:nusJw289yDRb+7YkZXzm
Score

8^/10

banker discovery evasion persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks CPU information
  Checks CPU information which indicate if the system is an emulator.
  evasion discovery
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryevasionpersistence