General

  • Target

    3e5d7c0e49632e62abbe382c0fad1513_JaffaCakes118

  • Size

    14.2MB

  • Sample

    240513-ja8mhscd4v

  • MD5

    3e5d7c0e49632e62abbe382c0fad1513

  • SHA1

    0497103456ef8f99facec9704f17965f01623bd9

  • SHA256

    9963f13389bf7414f37ec5b3948120b8a4ef9fe7a29354a8e26d06ab2e7b62bd

  • SHA512

    e2a43edf90ead8943ef05f1703759b28dd500dd4679b25ed53204be055fa8dc94f8ca7862b9a74c898c96186a5de7ac0d5d5501f914c27058db2645253ad390d

  • SSDEEP

    393216:NxLL0Fca0T9qk8i8vi/TShIt574mBnglJezyvqRv0gA:NxXFR8R5S575ngazCqh0gA

Targets

    • Target

      3e5d7c0e49632e62abbe382c0fad1513_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information, which can indicate whether the system is an emulator.

    • Checks memory information

      Checks memory information, which can indicate whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about the phone network operator

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    • Target

      dmss.jar

    • Size

      91KB

    • MD5

      228208a2ff88e3d59ac1fe7c7c1d00dc

    • SHA1

      c0c2138a277bc56cf7316933b25c79a3506e7968

    • SHA256

      6178e02afe116dfc3ffa9e4e1c8c0351679b2ca7685e1003b0f57f385fc65a1c

    • SHA512

      e57ce25c31de4ab7beabfd4e6b3032f90cc1ab95028fcaf585f297d26eea1e5b2f8672e4299442cb3b478c329afd3b01807e9a570cdee6469256a13ba62c7829

    • SSDEEP

      1536:I57N4rLOrER4Y+0wnPQzJGmmYuJbrPqMiAabozwHVmrWnw5EmZM4fKR/8Ox4gO:IiLOQR48w8Gm7uPidUz6VmrWnLCM4iR4

    Score
    1/10
    • Target

      global.jar

    • Size

      243KB

    • MD5

      c7436acadb9035cc3d628cd0f38a3f15

    • SHA1

      8bc75f4401bcba16f27fda7884969822c4566ae2

    • SHA256

      459c559bd00ae4b6cb880adac7f50cad36c81b3fcf647a3112d126d1684682cc

    • SHA512

      568f238f722c5321501b2f078a758f54830d5cd70781cb6267a03bfff3bc55dd6a243ecd74570eb223f7af702fa455edc97ebf7877ce4258f5ea61072ebf7f50

    • SSDEEP

      6144:QaeJdm7hV3Bqe5GmIDWQaeJdp7hVMBqe5Gmk:T0dmlV3YRzDWT0dplVMYRn

    Score
    1/10
    • Target

      tcore.jar

    • Size

      158KB

    • MD5

      8b6b5ab7e32a8c28d296e512ebcbef8e

    • SHA1

      09b390c82969efe509e1ef7cc7158a9b1a056a69

    • SHA256

      17852b53bdb8f9bf3ef5fa9de74c1e6bcee95b28b728769d18bcbb68fe76a9a3

    • SHA512

      1fe4aa3d1c8f8009e8891d324160efebeed5fe5e905da3865a6b43b9ce5d22db99182f0cd5635c727556f681db08c5381899bd3845488e4bb408eecc192cecec

    • SSDEEP

      3072:9wDD/rOmQ4o6YSWtv7mgQ79HroNYGUuVTckcAQ3gJPUGqjTh15PNIFYO8n9O:9QnbLflM7apromyV1cAig1c1EYO8n9O

    Score
    1/10
