General

  • Target

    0ad3ed18db22787964e625e4db85c296_JaffaCakes118

  • Size

    8.4MB

  • Sample

    240328-t9hkgsbg82

  • MD5

    0ad3ed18db22787964e625e4db85c296

  • SHA1

    a1f4dd7cd8ad949e59ad8680a457d681d24df2ac

  • SHA256

    74f3a191e941c68bbc7bf87515a12ae547e79eba4d9ffd5c2799a9c44b77dc2d

  • SHA512

    d2937b6f4cb270c911899f135453890b235a7aa74fc41e956654e96b099c5c5c2d3eb1b4ddb6e4a8efcf80f75598c1ad0396094b76f7aaf7be9d85c172eca694

  • SSDEEP

    196608:gcgrond6ie0RF+0pLqyNFQuoOQDWx0RiQdyjynFAL9W:gcgrondxpRF+0M2utOcWabyj40W

Malware Config

Targets

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks