badmirror | adbefa7ed21b2b9e812c39909a24aaac4c38aa88ecf48146582b1701d0cbd30d | Triage

Submit
Reports

Overview

overview

Static

static

7

db68bf10bd...18.apk

android-9-x86

Sharing

General

Target

db68bf10bd0272897cb4e6d419313353_JaffaCakes118
Size

12.2MB
Sample

240911-3dch2aygkl
MD5

db68bf10bd0272897cb4e6d419313353
SHA1

0309d990d08937ff01a2a092ecbf64fef548e088
SHA256

adbefa7ed21b2b9e812c39909a24aaac4c38aa88ecf48146582b1701d0cbd30d
SHA512

8d06fcccf7c8e854129735236256e6a78ccb0cc31d9a32421aa2bfc91312d247070a1566b27806941f23bfced0e29971db91ebcdf6fbc40007f24c364a279060
SSDEEP

393216:VcTKHJuQsMWd9srZALGu0pOokD96zwmR3l1:VcGHJuQsr/Cu0Efpm1l1

Score

10^/10

badmirror android discovery evasion infostealer rat trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

db68bf10bd0272897cb4e6d419313353_JaffaCakes118.apk

Resource

android-x86-arm-20240624-en

badmirror discovery evasion infostealer rat trojan

android-9-x86

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  db68bf10bd0272897cb4e6d419313353_JaffaCakes118
- Size
  
  12.2MB
- MD5
  
  db68bf10bd0272897cb4e6d419313353
- SHA1
  
  0309d990d08937ff01a2a092ecbf64fef548e088
- SHA256
  
  adbefa7ed21b2b9e812c39909a24aaac4c38aa88ecf48146582b1701d0cbd30d
- SHA512
  
  8d06fcccf7c8e854129735236256e6a78ccb0cc31d9a32421aa2bfc91312d247070a1566b27806941f23bfced0e29971db91ebcdf6fbc40007f24c364a279060
- SSDEEP
  
  393216:VcTKHJuQsMWd9srZALGu0pOokD96zwmR3l1:VcGHJuQsr/Cu0Efpm1l1
Score

10^/10

badmirror discovery evasion infostealer rat trojan
- BadMirror
  BadMirror is an Android infostealer first seen in March 2016.
  trojan infostealer rat badmirror
- BadMirror payload
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

badmirrordiscoveryevasioninfostealerrattrojan

© 2018-2025

Terms | Privacy