General

  • Target

    4fae7b14663b198b1e8caac798d2da1c_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240517-m6wvdaeg6v

  • MD5

    4fae7b14663b198b1e8caac798d2da1c

  • SHA1

    f2ead25ee691e198ba14980954d809f746a4fe59

  • SHA256

    788d4e57f6cd6dbde36f3c883111b2f273731518103e01e783ba6a137be1d40d

  • SHA512

    e606566ce59ea7d473657c8892dd37a58445ae91170b28472882d76c9b659aee88c1102dd92f103d8a3cf08a1158ec852b7e7a9b37c9d1526bcf388935234cd5

  • SSDEEP

    98304:AqZPW6JYvCa67LZ+Kb3TXn7NF8lTsvfKGHS8EdfVxNgfH:AqPWf67N+K7T35F8lSfKGyX9n0

Malware Config

Targets

    • Target

      4fae7b14663b198b1e8caac798d2da1c_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the phone number (MSISDN for GSM devices)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Reads information about the phone network operator

MITRE ATT&CK Mobile v15

Tasks