a24d5675055ac5e277e5d7a154ebc0a7b78de237dc1578176f1c73f5abc42baa | Triage

Sharing

General

Target

701b0833ff9fa9777cd75410bb836ebe_JaffaCakes118
Size

1.2MB
Sample

241023-wbrfvaseja
MD5

701b0833ff9fa9777cd75410bb836ebe
SHA1

6f983203143cc08b81251ae7e18f62c38d6545da
SHA256

a24d5675055ac5e277e5d7a154ebc0a7b78de237dc1578176f1c73f5abc42baa
SHA512

d29b5e6f81b2cb13ba354027d7ed2c71f064f606fda53fae0d7b582ac5487518ad1bbcec716e8d7292304656a95689cba59b831334337f242fbb74c26cd48586
SSDEEP

24576:s83QfpNQEuPf4uIIzYTuu38giKaRLn/Cuhs3sPQ8UT/1tSrALKEaJ:xEq4uId38gVaF/Cuhs8Yz/CMaJ

Score

7^/10

android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  KSVOD.apk
- Size
  
  1.3MB
- MD5
  
  fdf276b076ed7718ac0a866c8d4e6ecb
- SHA1
  
  5b86133e44b8e8fd9bdc136daf5a29bd89035ed7
- SHA256
  
  da03e321938477a4182e64e27da08a7f2f72392131df0b17835a6cef5fb4d814
- SHA512
  
  44e61314b7f0fc0a9a9d43e9d93a751ac068f6130694c413468667cf40705700f73a502f1464b6796904062f9e5d0525361822fe1ac30618239b420231188b4c
- SSDEEP
  
  24576:XILs8qdMXFjEwN+E5LetTw2+eCeIUx1CmTfu6fWcYQ9B//KqwcLBVM19:47qdqFjEZDJlCeIIZTfu/cY4CgNO19
Score

7^/10

collection discovery persistence credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries account information for other applications stored on the device
  Application may abuse the framework's APIs to collect account information stored on the device.
  collection
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Stored Application Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

collectiondiscoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact