General

  • Target

    5f60376ae066166c8385bd292a9986ef_JaffaCakes118

  • Size

    8.4MB

  • Sample

    240331-1ztnbsdh59

  • MD5

    5f60376ae066166c8385bd292a9986ef

  • SHA1

    02ee0294a56c0ea1d644bd46d1afde8732f8ea48

  • SHA256

    fb34414b386d0d12c24d11bce56f087730afc3fbab1ee397182f5dd64183b53b

  • SHA512

    998df041890821d5d9f18afd4d34151389b284df31607020af9e2308358f164c3fca109be60feabcb36669f8dc8e9813638d076e4d535ac7021c37ac3453131e

  • SSDEEP

    196608:czNyHL/kdBsGd+NAy5HqU4x6yNQZvtjUDWx0RiQdyjynFAL9/w:csr/kdBsQ+BN462QZvdgWabyj40/w

Malware Config

Targets

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks