General

  • Target

    4828525495a571ba65feb6b0d941f42a_JaffaCakes118

  • Size

    13.4MB

  • Sample

    240515-1h1ejsdf48

  • MD5

    4828525495a571ba65feb6b0d941f42a

  • SHA1

    5ffe68c387293380c776ded8003d7edb0457ee6b

  • SHA256

    4c8f2bd3a3d108d158e0ec8862b21404fc616d3d8ad0e5f8bf560089254a67c1

  • SHA512

    ef53ed394f91fda4e13b00b6ff52346be6f861fe1764784a6b03a9216936f522431c4b111294eecb998d99279fdc64a9d060ed564f467a9d2a26a9a6868922e9

  • SSDEEP

    393216:GX6TlNm+RP+4KPN9aJIn8DeRBeVLYX9wE2G5WtL:u6Tlt+fmg79wo5i

Malware Config

Extracted

Family

joker

C2

http://adash.m.taobao.com/rest/sur

https://

Targets

    • Target

      4828525495a571ba65feb6b0d941f42a_JaffaCakes118

    • Size

      13.4MB

    • MD5

      4828525495a571ba65feb6b0d941f42a

    • SHA1

      5ffe68c387293380c776ded8003d7edb0457ee6b

    • SHA256

      4c8f2bd3a3d108d158e0ec8862b21404fc616d3d8ad0e5f8bf560089254a67c1

    • SHA512

      ef53ed394f91fda4e13b00b6ff52346be6f861fe1764784a6b03a9216936f522431c4b111294eecb998d99279fdc64a9d060ed564f467a9d2a26a9a6868922e9

    • SSDEEP

      393216:GX6TlNm+RP+4KPN9aJIn8DeRBeVLYX9wE2G5WtL:u6Tlt+fmg79wo5i

    • Checks if the Android device is rooted.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Requests cell location

      Uses Android APIs to to get current cell information.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks