e94c67253747673b7c71e43d300d3a09a80ea9f1323f8d692ecd55af195a8742 | Triage

Sharing

General

Target

cdf1695f91d1e1ef9479b7aefb6ee30d_JaffaCakes118
Size

19.1MB
Sample

240901-bpt4nswhqd
MD5

cdf1695f91d1e1ef9479b7aefb6ee30d
SHA1

54fb4b6536aa777a683baa6c7aa4109d723d1e9c
SHA256

e94c67253747673b7c71e43d300d3a09a80ea9f1323f8d692ecd55af195a8742
SHA512

0e35957cba3f07f223bac46774a6543e689c5183a0b241d072afa1092eaecdde11c060522dc7d60486909733b1bd09973aed9e9cde452096fd9e0b9f4b246f65
SSDEEP

393216:gjaHFeJzZMHK9Jk9diiVCxH276Kh2jnAoninOY0z/AugJ6JpV1L:iu8ziH2wVEH27PhOnzY70z4u+yv1L

Score

8^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  cdf1695f91d1e1ef9479b7aefb6ee30d_JaffaCakes118
- Size
  
  19.1MB
- MD5
  
  cdf1695f91d1e1ef9479b7aefb6ee30d
- SHA1
  
  54fb4b6536aa777a683baa6c7aa4109d723d1e9c
- SHA256
  
  e94c67253747673b7c71e43d300d3a09a80ea9f1323f8d692ecd55af195a8742
- SHA512
  
  0e35957cba3f07f223bac46774a6543e689c5183a0b241d072afa1092eaecdde11c060522dc7d60486909733b1bd09973aed9e9cde452096fd9e0b9f4b246f65
- SSDEEP
  
  393216:gjaHFeJzZMHK9Jk9diiVCxH276Kh2jnAoninOY0z/AugJ6JpV1L:iu8ziH2wVEH27PhOnzY70z4u+yv1L
Score

8^/10

discovery evasion persistence collection credential_access impact
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryevasionimpact