f1518b0f933fd2c8db11462eb750e37fd43c4fbb782184c162abc26fd0de130a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b130385cce050315b3017b2bc660aa2_JaffaCakes118
Size

21.4MB
Sample

240811-tttyks1gme
MD5

8b130385cce050315b3017b2bc660aa2
SHA1

8ea4c10721c6d48fa43d098121338db89e721175
SHA256

f1518b0f933fd2c8db11462eb750e37fd43c4fbb782184c162abc26fd0de130a
SHA512

c8e6e7f91d15f1bf5acf23906ac20e69908d17e32c048220cc8289506fca8d81d874d4180e6f791fe75875dd29b74bf83fcf5c602948dfe3a9a7f5be217867a4
SSDEEP

393216:mxtLywlVMZHMNxrmUs6tzdKoy5JBS7oPotNjQsMRmYEAST7wGUv:y7lVMZMXr/th4HBhotd37w1

Score

8^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  8b130385cce050315b3017b2bc660aa2_JaffaCakes118
- Size
  
  21.4MB
- MD5
  
  8b130385cce050315b3017b2bc660aa2
- SHA1
  
  8ea4c10721c6d48fa43d098121338db89e721175
- SHA256
  
  f1518b0f933fd2c8db11462eb750e37fd43c4fbb782184c162abc26fd0de130a
- SHA512
  
  c8e6e7f91d15f1bf5acf23906ac20e69908d17e32c048220cc8289506fca8d81d874d4180e6f791fe75875dd29b74bf83fcf5c602948dfe3a9a7f5be217867a4
- SSDEEP
  
  393216:mxtLywlVMZHMNxrmUs6tzdKoy5JBS7oPotNjQsMRmYEAST7wGUv:y7lVMZMXr/th4HBhotd37w1
Score

8^/10

discovery impact persistence collection credential_access evasion
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryimpactpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence