2628ad86c502c7972582a51798d9ec1ec76be177ed8edd2c6ce893d21a88dfbe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03bb2683588aeb7b05bf3239178e4e9f_JaffaCakes118
Size

25.4MB
Sample

241001-aklq3awaqe
MD5

03bb2683588aeb7b05bf3239178e4e9f
SHA1

cc6e89687fc587daa5cb6f8a0ad88373d3970b7f
SHA256

2628ad86c502c7972582a51798d9ec1ec76be177ed8edd2c6ce893d21a88dfbe
SHA512

f8f066e3c61d4129a4a832a45dd0803ebf582cbcee4d5b3417f1cf732e442b8c6daf443f38df3cb6763e1d2b31dec63ac940ff239e2ca99dfd94f0cebe55eb43
SSDEEP

786432:htacTwcGJRP/PePJ+QcYtYU3d9QVnCsiMrsk0B:WcTwP/Ppp3rI

Score

8^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  03bb2683588aeb7b05bf3239178e4e9f_JaffaCakes118
- Size
  
  25.4MB
- MD5
  
  03bb2683588aeb7b05bf3239178e4e9f
- SHA1
  
  cc6e89687fc587daa5cb6f8a0ad88373d3970b7f
- SHA256
  
  2628ad86c502c7972582a51798d9ec1ec76be177ed8edd2c6ce893d21a88dfbe
- SHA512
  
  f8f066e3c61d4129a4a832a45dd0803ebf582cbcee4d5b3417f1cf732e442b8c6daf443f38df3cb6763e1d2b31dec63ac940ff239e2ca99dfd94f0cebe55eb43
- SSDEEP
  
  786432:htacTwcGJRP/PePJ+QcYtYU3d9QVnCsiMrsk0B:WcTwP/Ppp3rI
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
- Checks the presence of a debugger
  evasion
behavioral1
- Target
  
  unicom_resource.dat
- Size
  
  179KB
- MD5
  
  13164da22167928b42af82bf4e41aa28
- SHA1
  
  343baf8fc0ab7beeab26ceaf1727f4c9bba4bbee
- SHA256
  
  7d893364bdd17591fcb11f9e7cb0298e2ef544fac7fa8bbb46e2fe5780fe408d
- SHA512
  
  b8715b4704fac46b0782dcbd5ccef34494195b8ce94116154f82c56ae44287e0c899d68a627895bc8a6df2bdd9ddaa8cedf2b9735a8bee59705a67dc797a6040
- SSDEEP
  
  3072:OxuKgrIiLC9R/gpQ5toSZh29uFjuttu3NOh:OxuK58GtjZhguau3Ny
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

behavioral3

behavioral4