1fc40e3c054c1f71324271e3b65202145332ba544e0bd948de877a4ef4cb2652 | Triage

Sharing

General

Target

a3f81367dad5417e9080f83ca1c21c91_JaffaCakes118
Size

3.0MB
Sample

240613-f247mazalk
MD5

a3f81367dad5417e9080f83ca1c21c91
SHA1

a738c9b62f4f338bca5ab120dce0edf7410b248f
SHA256

1fc40e3c054c1f71324271e3b65202145332ba544e0bd948de877a4ef4cb2652
SHA512

4400cd0acf594b29f217506baccc30cccb6427f2313b7a814e0e9067ea1e4eb121b3fdd1e7f6300328f002498d00ca9a4b5b2a7da500dc4702b7048b737e1362
SSDEEP

49152:CqE1MPd1MPrr7PVnzimJZ+xHswe5fK/MR6GCe+Vi2tMQOAmnoLhrd4LIue20mjgG:CqkMbMTrLVGmXpvwNG0ltM/o9rm7/M6v

Score

8^/10

android banker discovery evasion impact persistence

Malware Config

Targets

- Target
  
  a3f81367dad5417e9080f83ca1c21c91_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  a3f81367dad5417e9080f83ca1c21c91
- SHA1
  
  a738c9b62f4f338bca5ab120dce0edf7410b248f
- SHA256
  
  1fc40e3c054c1f71324271e3b65202145332ba544e0bd948de877a4ef4cb2652
- SHA512
  
  4400cd0acf594b29f217506baccc30cccb6427f2313b7a814e0e9067ea1e4eb121b3fdd1e7f6300328f002498d00ca9a4b5b2a7da500dc4702b7048b737e1362
- SSDEEP
  
  49152:CqE1MPd1MPrr7PVnzimJZ+xHswe5fK/MR6GCe+Vi2tMQOAmnoLhrd4LIue20mjgG:CqkMbMTrLVGmXpvwNG0ltM/o9rm7/M6v
Score

8^/10

banker discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

Software Discovery

Security Software Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

bankerdiscoveryevasionimpactpersistence