6416c53a10a95cb37ecee748836c7e933b861b4a0e51c48711b9f420ae7a324c | Triage

Sharing

General

Target

302e4a471bef588aecd4b30e259072cd_JaffaCakes118
Size

190KB
Sample

241010-q395datfkn
MD5

302e4a471bef588aecd4b30e259072cd
SHA1

80f6207bf8d91d80c303718902ae444ba5499399
SHA256

6416c53a10a95cb37ecee748836c7e933b861b4a0e51c48711b9f420ae7a324c
SHA512

6ac563788e4fcc69683d8a28ffa62d9e63da7656628eb05841d6fcee6a4b7042391b4c02baf5eb4065cb9e18dfacdcd950b52b9d21f2869ec32d22b779ccb498
SSDEEP

3072:6ZtbOdV8GSR9T+KqPC5+kAMEJG8G/GF17IctXT+H/xCmMeUZzUwzMToTevfsaH:ebOdCRYKVfF86G1ttXafcRzUwgTie0S

Score

7^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  302e4a471bef588aecd4b30e259072cd_JaffaCakes118
- Size
  
  190KB
- MD5
  
  302e4a471bef588aecd4b30e259072cd
- SHA1
  
  80f6207bf8d91d80c303718902ae444ba5499399
- SHA256
  
  6416c53a10a95cb37ecee748836c7e933b861b4a0e51c48711b9f420ae7a324c
- SHA512
  
  6ac563788e4fcc69683d8a28ffa62d9e63da7656628eb05841d6fcee6a4b7042391b4c02baf5eb4065cb9e18dfacdcd950b52b9d21f2869ec32d22b779ccb498
- SSDEEP
  
  3072:6ZtbOdV8GSR9T+KqPC5+kAMEJG8G/GF17IctXT+H/xCmMeUZzUwzMToTevfsaH:ebOdCRYKVfF86G1ttXafcRzUwgTie0S
Score

7^/10

discovery impact persistence collection credential_access evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryimpactpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact