pegasus | 998a08e2b3ec687d37630742e3efa899efaa5541700d06969644a2a98c9dd499 | Triage

Sharing

General

Target

b59f88d7ddf265693b43b486825ddd70_JaffaCakes118
Size

3.8MB
Sample

240616-2ydfdswfmk
MD5

b59f88d7ddf265693b43b486825ddd70
SHA1

417de4b89fa966106803dcd66505ed8bc1a158ea
SHA256

998a08e2b3ec687d37630742e3efa899efaa5541700d06969644a2a98c9dd499
SHA512

c62c0820e9f66787729479cee94309fbc4811192ef2aa4e390ecd43ffbef5d7cf59b1d9d42b5d895723f176e22251c2166aa645d7875a5971e6bfdb26ae076e0
SSDEEP

98304:P+cjxLDH5AqByjpX7McsFo9asvUs8e99y9V9hiRcQ2pyoW:P+cZDH5AOgUYasl8e/s3Tpy/

Score

10^/10

pegasus android discovery evasion impact

Malware Config

Targets

- Target
  
  b59f88d7ddf265693b43b486825ddd70_JaffaCakes118
- Size
  
  3.8MB
- MD5
  
  b59f88d7ddf265693b43b486825ddd70
- SHA1
  
  417de4b89fa966106803dcd66505ed8bc1a158ea
- SHA256
  
  998a08e2b3ec687d37630742e3efa899efaa5541700d06969644a2a98c9dd499
- SHA512
  
  c62c0820e9f66787729479cee94309fbc4811192ef2aa4e390ecd43ffbef5d7cf59b1d9d42b5d895723f176e22251c2166aa645d7875a5971e6bfdb26ae076e0
- SSDEEP
  
  98304:P+cjxLDH5AqByjpX7McsFo9asvUs8e99y9V9hiRcQ2pyoW:P+cZDH5AOgUYasl8e/s3Tpy/
Score

8^/10

discovery evasion impact
- Checks if the Android device is rooted.
  evasion
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpact

behavioral2

discoveryevasionimpact