General

  • Target

    4d1d88ed96379c4b6b72b7f3f1727a97_JaffaCakes118

  • Size

    8.4MB

  • Sample

    240331-e4akcsdg51

  • MD5

    4d1d88ed96379c4b6b72b7f3f1727a97

  • SHA1

    691e2571c920f2dd184ff96c4ca05e89e2da2efc

  • SHA256

    ea6058517e957895fbd3c26cac63013df3442ceea289123c7afd4bd0b24bea82

  • SHA512

    8c7a25f81b67d42c9e9c7eda696a332cd136d01a5455af721b5c038117045f5d482aebfc4fd5a9ecdde408a64c9835cac72c14b2400e7a487d575650f6210b4b

  • SSDEEP

    196608:c6ltXnj5qP0vzIjQK2n8aPH1yN2iQDWx0RiQdyjynFAL92:c6Tnj5p0QpXN22icWabyj402

Malware Config

Targets

    • Target

      4d1d88ed96379c4b6b72b7f3f1727a97_JaffaCakes118

    • Size

      8.4MB

    • MD5

      4d1d88ed96379c4b6b72b7f3f1727a97

    • SHA1

      691e2571c920f2dd184ff96c4ca05e89e2da2efc

    • SHA256

      ea6058517e957895fbd3c26cac63013df3442ceea289123c7afd4bd0b24bea82

    • SHA512

      8c7a25f81b67d42c9e9c7eda696a332cd136d01a5455af721b5c038117045f5d482aebfc4fd5a9ecdde408a64c9835cac72c14b2400e7a487d575650f6210b4b

    • SSDEEP

      196608:c6ltXnj5qP0vzIjQK2n8aPH1yN2iQDWx0RiQdyjynFAL92:c6Tnj5p0QpXN22icWabyj402

    • Hydra

      Android banker and info stealer.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks