General

  • Target

    f9ed050d0a7fb6cc6b8c073fc469a9ce_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240419-kjr7kada63

  • MD5

    f9ed050d0a7fb6cc6b8c073fc469a9ce

  • SHA1

    5e8fe8262e5d8d2f19c1cf36f477d4d869b4ff5e

  • SHA256

    d6348a5aca930021adb7164e1d74389815eebd7e5e338f8fb93a206b26b26190

  • SHA512

    891396fdec4457d6fc4458f64a3b38b3c7a1904b5207e733002d8fd8bf42bf56c1bfc058dd55839246de50f90ae6275653d93f6cc2fce0875a8414a9e105ee62

  • SSDEEP

    98304:br9Dhq7rgA6UBC0Xd8ETTdUD5nDc33JJ9:P9lqbC0XaETTdQtDcH9

Targets

    • Target

      f9ed050d0a7fb6cc6b8c073fc469a9ce_JaffaCakes118

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information, which indicates whether the system is an emulator.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about running processes on the device.

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection.

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
