cfa394542d95b5735ec49b1afcf305e7cfad7e10a5a4d9e9f5233d23c154a113 | Triage

Sharing

General

Target

ea888aec00b448fef31dc67925bd20c9_JaffaCakes118
Size

13.4MB
Sample

240919-eergkszbqe
MD5

ea888aec00b448fef31dc67925bd20c9
SHA1

f316e0e2495a25a27b65b0988e327461d22c5d1d
SHA256

cfa394542d95b5735ec49b1afcf305e7cfad7e10a5a4d9e9f5233d23c154a113
SHA512

dc632b82ac3ccf6298ac9a6c2a87577088d0529c6d125b30a407f9d0f7280cad6a91135a181e28b8d2fd1b56e91ebe5ed312f1f164013619961d4bb39c58d90e
SSDEEP

393216:fgwisbxbGC0DVpE8vyGOZ2U81KzTJHWmX3buM:f5bxuDVlyGhU8QzTFWmbv

Score

8^/10

android collection discovery evasion impact persistence

Malware Config

Targets

- Target
  
  ea888aec00b448fef31dc67925bd20c9_JaffaCakes118
- Size
  
  13.4MB
- MD5
  
  ea888aec00b448fef31dc67925bd20c9
- SHA1
  
  f316e0e2495a25a27b65b0988e327461d22c5d1d
- SHA256
  
  cfa394542d95b5735ec49b1afcf305e7cfad7e10a5a4d9e9f5233d23c154a113
- SHA512
  
  dc632b82ac3ccf6298ac9a6c2a87577088d0529c6d125b30a407f9d0f7280cad6a91135a181e28b8d2fd1b56e91ebe5ed312f1f164013619961d4bb39c58d90e
- SSDEEP
  
  393216:fgwisbxbGC0DVpE8vyGOZ2U81KzTJHWmX3buM:f5bxuDVlyGhU8QzTFWmbv
Score

8^/10

collection discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery evasion
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Execution Guardrails

Geofencing

Credential Access

Discovery

Location Tracking

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

collectiondiscoveryevasionimpactpersistence