General

  • Target

    3eea07d55f521069ced1d0629223c510_JaffaCakes118

  • Size

    30.7MB

  • Sample

    240513-lxyryahc2y

  • MD5

    3eea07d55f521069ced1d0629223c510

  • SHA1

    5ac7a7917c2f785853854a5f78c5b33ddd8b9fc4

  • SHA256

    e1d9663ee5675dd80fde44d6e2eae2654af993c98f0cb0a05b709a86082168ae

  • SHA512

    d1c4f209a995b046231251de5ed883b0e7f50276957ed717046cca9af90f7aa3955aea8b4d1b0b2b8b75eddd5caa10d53974e1bb6f4470feaf857c17f3db326e

  • SSDEEP

    393216:69x1kIYqQwDTUELUAs83IcMNx8OI7qQIecD1+epi/HPNVokALw5KPTg:6GIPQwTUEYa4/8OI+Qk10vBVag

Malware Config

Targets

    • Target

      3eea07d55f521069ced1d0629223c510_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information, which indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information, which indicates whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

MITRE ATT&CK Mobile v15

Tasks