General

  • Target

    3e6532906d27709600e317f815862ca5_JaffaCakes118

  • Size

    23.7MB

  • Sample

    240513-jfrk7aff66

  • MD5

    3e6532906d27709600e317f815862ca5

  • SHA1

    cf6b4ccf7bfdd8611da7c34ba230d5f8d8000d33

  • SHA256

    e03b703cdae606354f6c902d50e7f42b80fd5289ed420c862162c591e8436d0d

  • SHA512

    c03769b9fcdf79c3b547ba91bdaa77febd0d2c60daf3714573c0cc1012d74b50b599606cf92e0d97ede23279ac97eab671854eae27c72c5a7073ffffaceabd8c

  • SSDEEP

    393216:V7yRVYX2kgGYngbQjEy5y/Q6BTZ/zw8kHlC2EQNzjTMhOkHMHH/bijgaOZC5M85K:oIynLjEj/Q6BTxzkFCvQNIO7HH/+jgPn

Targets

    • Target

      3e6532906d27709600e317f815862ca5_JaffaCakes118

    • Size

      23.7MB

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Target

      AdServer.apk

    • Size

      1.1MB

    • MD5

      73c2ac27961b9db4274ca13a178c0fa2

    • SHA1

      3d1b1a8f6c9bc63fc88068c71e98bbe70797d03e

    • SHA256

      751012d560a3c16a6f377f403ea12b9c6805a279d84c08210f9a5543c5bef42e

    • SHA512

      591bf3bd1316189616aed273c5bdcb49ed1c46fc7bdf6ee1db9ce11b317dbfda5477989cc3ceafaa2e02dc6555afa1ac4ba872ea27d9a8ae9b5a9ac3abadcef8

    • SSDEEP

      24576:ceJTiQnLEw7efCr8vTbmTttkKilyMtnqjAysPf0+fm4Hfr:D4w7ear830tup4anq9a3m4HD

    • Score

      1/10

    • Target

      MiGameCenterSDKService.apk

    • Size

      5.2MB

    • MD5

      f32ab0ab2ed58691ba1f4fbd46be3506

    • SHA1

      89b2abe5a52714b55e7a6b5245f786f7be6d23f9

    • SHA256

      25ee37926cb10bf50f51ce817513059ade7ecbdf589142ab05e56ee2dcc94fd2

    • SHA512

      a75e0a12d1c216fc528577d1ef52d81e597e259f114ca8fb2af8fb9329cad1c86636408bb55b9bb5bb08583df96615f54590c142a8a736f9a089e322aa890e46

    • SSDEEP

      98304:ayrBRZZz1VGiDp05BrS0FTS40PY7lzYga7qYcsnsnEX/n1PI3:H1LZJ/pmBrBS45lU7qBssnEP+

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator.

    • Target

      unicom_resource.dat

    • Size

      45KB

    • MD5

      b7b9f657da1f868a6b321dc2e6761eda

    • SHA1

      1f6a3a5f6af9ecabaa4018f747988cda7b60ca6c

    • SHA256

      a491c5e41b81127ff86d9ac9a5c23b3c63a026d5ea2e464a1d615e3b0225c1b9

    • SHA512

      5bb939512d4c4403896c87922974b99bc60755f7ee2a3840c5faeffd146b4dee97e089f808b3df25fa3041236ef1f63c78dd4c4383c0ab8e734542638033b003

    • SSDEEP

      768:foUlrwIc3/D+PM9pdN0KIv+ciFWAkEsDVop56mAlNZ6B/pEBTb7PZ6dkB1VXN65R:foUJwIAD+Cpd6KZilNZ6B/pgH7x4kB9A

    • Score

      1/10

    • Target

      VivoUnionApk.apk

    • Size

      2.8MB

    • MD5

      d68016b2adce941c1f70cc103fe81413

    • SHA1

      133b3f1e4eeb679995ed1bd6d9613e126a5eff96

    • SHA256

      244bff265ace7a1fa6ff992ffc632aa1f4da2ea78f94af7b4cec178815f3cdd0

    • SHA512

      d347c1bf29e329e5454357083b404dd6eb1ab75852049b165728251c75b9e1a83d57d70b3c3d04669b42379e56044c61513b4a71ae0af95b9d4457d6d6651292

    • SSDEEP

      49152:ShaFQ2XpbmTLRgelMW2PxcBS2y3TLJvFU+5T1fb9aoRxoSHszZOdAJ1JLeieNr/:On2ZCTtph2PDyM1xHxoS6ZOdAJ1JiieN

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Target

      analytics_core.apk

    • Size

      159KB

    • MD5

      d2e90bb505f20fc73baf25805b0273aa

    • SHA1

      240fbbfda194a65761baed6f3546bc4c744a1850

    • SHA256

      77060ad812f5e6e9e896c39bc548f8295238eaa9941e1986e8e024e7d2114309

    • SHA512

      c2ef3f79b6cfb171b0904ff8138238cbf985344d91d6d9ec35472d14233d1b108cc0234259e8286cbb099747cc8d9d2f74c8c7394ab3a6dcfc2cc95e168c8c85

    • SSDEEP

      3072:/vnDHScqJUCqi8p27PhJkqOjvxSWnNoPuKAaSWk8V4rpCPd7H7sl3eX0emR7KDD:7ScaCioePDaZdnNdFDJCPJoKvmtiD

    • Score

      1/10
