badmirror | ce1ad313e27acc6613c14dec305f4afddd1ba411d4f4cf947268e6399ec2d107 | Triage

Sharing

General

Target

08ae3b578055b741436f7289a91e114e_JaffaCakes118
Size

4.4MB
Sample

241002-d5cknsyfng
MD5

08ae3b578055b741436f7289a91e114e
SHA1

4f45b5951e4f8c192574b4c3cbb82cd96763bf1d
SHA256

ce1ad313e27acc6613c14dec305f4afddd1ba411d4f4cf947268e6399ec2d107
SHA512

f580811e4f24fff8a2adc06f47ee961e2cbafd2bd9e500f02362a1684c501e7a6eef3bedba93bf4d275eca7b5d4bf565dfa525f133caf7ce18bd59e83f6460ac
SSDEEP

98304:wJHnzx7HsXBc3xKsEamW+En5icmIDrx9yITx5FWwmUOOSBSh2rXoB211r:wJpHcc3xjNH5icmIDrx9y+x5EmhDy1r

Score

10^/10

badmirror android discovery evasion

Malware Config

Targets

- Target
  
  08ae3b578055b741436f7289a91e114e_JaffaCakes118
- Size
  
  4.4MB
- MD5
  
  08ae3b578055b741436f7289a91e114e
- SHA1
  
  4f45b5951e4f8c192574b4c3cbb82cd96763bf1d
- SHA256
  
  ce1ad313e27acc6613c14dec305f4afddd1ba411d4f4cf947268e6399ec2d107
- SHA512
  
  f580811e4f24fff8a2adc06f47ee961e2cbafd2bd9e500f02362a1684c501e7a6eef3bedba93bf4d275eca7b5d4bf565dfa525f133caf7ce18bd59e83f6460ac
- SSDEEP
  
  98304:wJHnzx7HsXBc3xKsEamW+En5icmIDrx9yITx5FWwmUOOSBSh2rXoB211r:wJpHcc3xjNH5icmIDrx9y+x5EmhDy1r
Score

7^/10

discovery evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

Process Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion