joker | a601ecd0a85763ad8687faae5d019d06656ebc99a06cb9d9568727c6b9d958a7 | Triage

Resubmissions

19-12-2024 07:53

241219-jqy31swnek 10

10-12-2024 03:20

241210-dvvnhasjg1 10

Sharing

General

Target

dcc61ee1bdbff7e2b659bfeb6bc4b929_JaffaCakes118
Size

16.9MB
Sample

241210-dvvnhasjg1
MD5

dcc61ee1bdbff7e2b659bfeb6bc4b929
SHA1

0d213c8d396702cdf36f8f9295542d82470be639
SHA256

a601ecd0a85763ad8687faae5d019d06656ebc99a06cb9d9568727c6b9d958a7
SHA512

c4a1bb0b71f43868eaad6d8d3f79c4ddb93e87bd4a570fee9030e9a2423b964cd2956a92a0bd52ae189959e793844816e4526a57af9193c9fb78e078dec5a7c7
SSDEEP

393216:uPErRu8smLMNk8fbMlZixtPCffNHGQtqiVYVD/MofEWoTnsdTXK:YEo5PNdf0UQfNHDgiVQjLEfTsdT6

Score

10^/10

joker android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  dcc61ee1bdbff7e2b659bfeb6bc4b929_JaffaCakes118
- Size
  
  16.9MB
- MD5
  
  dcc61ee1bdbff7e2b659bfeb6bc4b929
- SHA1
  
  0d213c8d396702cdf36f8f9295542d82470be639
- SHA256
  
  a601ecd0a85763ad8687faae5d019d06656ebc99a06cb9d9568727c6b9d958a7
- SHA512
  
  c4a1bb0b71f43868eaad6d8d3f79c4ddb93e87bd4a570fee9030e9a2423b964cd2956a92a0bd52ae189959e793844816e4526a57af9193c9fb78e078dec5a7c7
- SSDEEP
  
  393216:uPErRu8smLMNk8fbMlZixtPCffNHGQtqiVYVD/MofEWoTnsdTXK:YEo5PNdf0UQfNHDgiVQjLEfTsdT6
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence