irata | 6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301 | Triage

Sharing

General

Target

b418a20ab90b3cc2b2b2af0796cca72d_JaffaCakes118
Size

9.2MB
Sample

240821-tea7xs1djr
MD5

b418a20ab90b3cc2b2b2af0796cca72d
SHA1

f4470d634188aaf77c9de4289518d0cfd57ff8d6
SHA256

6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
SHA512

4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
SSDEEP

196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p

Score

10^/10

irata android discovery execution persistence

Malware Config

Targets

- Target
  
  b418a20ab90b3cc2b2b2af0796cca72d_JaffaCakes118
- Size
  
  9.2MB
- MD5
  
  b418a20ab90b3cc2b2b2af0796cca72d
- SHA1
  
  f4470d634188aaf77c9de4289518d0cfd57ff8d6
- SHA256
  
  6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
- SHA512
  
  4ac6f7dc1efd2fb783041167fdd4fa44ab08024d969bf0e454a1b9928bc84e9143186942b5444cac3b358bd91fb79bf2e6f45781ae5f9030c5a3e810a56d2d34
- SSDEEP
  
  196608:jTKwgo6QnjgJVrVgeNBJhoXHst9pHxp4sa5dBLiDlUc:nHgo9jgJVOeNBJQUj4sW+p
Score

6^/10

discovery execution persistence
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionpersistence

behavioral2

discoveryexecutionpersistence

behavioral3

discoveryexecutionpersistence