5cb303a8ae0ec0e791858cbe01609a09e48d8a336e39ef30735004fca8fb29c8 | Triage

Sharing

General

Target

2ea938d08957dd36710b7a5a9ed69710_JaffaCakes118
Size

412KB
Sample

241009-lehm1ayblh
MD5

2ea938d08957dd36710b7a5a9ed69710
SHA1

7a49fafaca24f6f50555ea0eaf30733593ba9288
SHA256

5cb303a8ae0ec0e791858cbe01609a09e48d8a336e39ef30735004fca8fb29c8
SHA512

9a1a96f0c1d2822c561f3bbe45d9775823ef4e6d350bcd59b88cfc9bbd97c6940a0ed08693e3ce809132f225f4c6ff36bb284aa6a1f95a78ba97e1aa7b51b561
SSDEEP

6144:RkBZ2zPIe0t4VfF8b/Tp/ezO/xaHTcJS8HmLcWaLTcJS8HmLcWawTcJS8HmLcWa6:RUZ9eDQ38waiRy2iRybiRy5iRyp

Score

7^/10

android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  2ea938d08957dd36710b7a5a9ed69710_JaffaCakes118
- Size
  
  412KB
- MD5
  
  2ea938d08957dd36710b7a5a9ed69710
- SHA1
  
  7a49fafaca24f6f50555ea0eaf30733593ba9288
- SHA256
  
  5cb303a8ae0ec0e791858cbe01609a09e48d8a336e39ef30735004fca8fb29c8
- SHA512
  
  9a1a96f0c1d2822c561f3bbe45d9775823ef4e6d350bcd59b88cfc9bbd97c6940a0ed08693e3ce809132f225f4c6ff36bb284aa6a1f95a78ba97e1aa7b51b561
- SSDEEP
  
  6144:RkBZ2zPIe0t4VfF8b/Tp/ezO/xaHTcJS8HmLcWaLTcJS8HmLcWawTcJS8HmLcWa6:RUZ9eDQ38waiRy2iRybiRy5iRyp
Score

7^/10

discovery impact persistence collection credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryimpactpersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact