2db4892d2f76ce27bc2b2be594ef37b6e20d3fe4e4ffda7018c967b703213508 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0350e125d3938a7421cd9f360840357c_JaffaCakes118
Size

4.7MB
Sample

240930-1an2jswclk
MD5

0350e125d3938a7421cd9f360840357c
SHA1

494ad956210ec538d71c5498c960d021903885bd
SHA256

2db4892d2f76ce27bc2b2be594ef37b6e20d3fe4e4ffda7018c967b703213508
SHA512

7ef111a8b52d32b4d9447fef256e3875f7ce4c8aadb2c306f272d9ee8dfa55c8b5c87df08267f43cd5d61713efe06ed7e28771479a298a45589201c3114ee83f
SSDEEP

98304:f49+D9I8Vd66IEuBN623MrAM81w9lzb1zrPJ96DM1XiZOWNqFiJ6NrtvuVreHgm:f4IRI8VbmtMrDBhreDUiZOSWjJtvEUgm

Score

7^/10

android banker discovery evasion

Malware Config

Targets

- Target
  
  0350e125d3938a7421cd9f360840357c_JaffaCakes118
- Size
  
  4.7MB
- MD5
  
  0350e125d3938a7421cd9f360840357c
- SHA1
  
  494ad956210ec538d71c5498c960d021903885bd
- SHA256
  
  2db4892d2f76ce27bc2b2be594ef37b6e20d3fe4e4ffda7018c967b703213508
- SHA512
  
  7ef111a8b52d32b4d9447fef256e3875f7ce4c8aadb2c306f272d9ee8dfa55c8b5c87df08267f43cd5d61713efe06ed7e28771479a298a45589201c3114ee83f
- SSDEEP
  
  98304:f49+D9I8Vd66IEuBN623MrAM81w9lzb1zrPJ96DM1XiZOWNqFiJ6NrtvuVreHgm:f4IRI8VbmtMrDBhreDUiZOSWjJtvEUgm
Score

7^/10

banker discovery evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

Software Discovery

Security Software Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryevasion