3c6e4a3434bf0d11a778213981376a60bbe79a06cb8208aac4725eb60fb1ee54 | Triage

Sharing

General

Target

d3ba7b145d2aec4eeb8a9cbf8dfe17fe_JaffaCakes118
Size

29.6MB
Sample

240908-g1zq7atakf
MD5

d3ba7b145d2aec4eeb8a9cbf8dfe17fe
SHA1

529bd85b931a70465cb9e1fc9a12c76ef66d71cb
SHA256

3c6e4a3434bf0d11a778213981376a60bbe79a06cb8208aac4725eb60fb1ee54
SHA512

2ec27f98fd9671140f3bdc790c30b72807a7bf4f91c68f0f5f4ff9c1b066e7d8c40738c458629db2649125dbc6f887d539faa737dfa6995c5bfe297438b89b40
SSDEEP

786432:K7qBl3F19u38COsb91h7pFsDatGH/ZMXECKOPXLkvms:K7qBrG8Cf7NztGqNKOfAV

Score

8^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  d3ba7b145d2aec4eeb8a9cbf8dfe17fe_JaffaCakes118
- Size
  
  29.6MB
- MD5
  
  d3ba7b145d2aec4eeb8a9cbf8dfe17fe
- SHA1
  
  529bd85b931a70465cb9e1fc9a12c76ef66d71cb
- SHA256
  
  3c6e4a3434bf0d11a778213981376a60bbe79a06cb8208aac4725eb60fb1ee54
- SHA512
  
  2ec27f98fd9671140f3bdc790c30b72807a7bf4f91c68f0f5f4ff9c1b066e7d8c40738c458629db2649125dbc6f887d539faa737dfa6995c5bfe297438b89b40
- SSDEEP
  
  786432:K7qBl3F19u38COsb91h7pFsDatGH/ZMXECKOPXLkvms:K7qBrG8Cf7NztGqNKOfAV
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1
- Target
  
  kkk_sdk_v4.2.4_charge.apk
- Size
  
  1.1MB
- MD5
  
  7aa81f9b75b58aa9051b0949ccc346e0
- SHA1
  
  76b764527d1b983dcf8ade6ada386d53b7c877fc
- SHA256
  
  6f321f5e22958409166340cf9c413b3e63d6fc98ad8ba91c64b5223e80cf686c
- SHA512
  
  631a5eac92c22040e6decece636482fc307a630459cd8b4cc84358c6c60deae793b9984a6714bb47626064304e0fa69406b02cc782eebf36d6cc9bd919ef65e0
- SSDEEP
  
  24576:08QHHv6m/bW+x5MPhxUHWBD15RSrJpOmTWlVzFJw0iivmaYdybSfiUR:08QnvDBx5AxU2Z15RWJQO0a7SmvX/R
Score

1^/10
behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2