General

  • Target

    4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118

  • Size

    6.3MB

  • Sample

    240517-rj57rabc2t

  • MD5

    4ff32b3d8e47aac218b37d5f2e2d6ec5

  • SHA1

    e590942c3a5799773d0d14ce599c598a4a4713c9

  • SHA256

    eaeeb55b0c30ca717e412d5a024c5b732beb768c5c8ca21ac1a8edd3030aacd6

  • SHA512

    c0807a68260ee2c16767a065be639ec4ef19760a39f68398048e5842f38879a27f620f65ef094dd2a16c008c1810dbab96c2bd5f8819aca23fe35dee5115bea8

  • SSDEEP

    196608:EEvS8qMAv5hTdCyF11h6RHQodLg/tNWVPDNtWqPqcBctMEi:EcS8qPo211hJWgFN4bNgqPRc2Ei

Targets

    • Target

      4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator.

    • Target

      __pasys_remote_offer_wall.jar

    • Size

      34KB

    • MD5

      67faab61ea860c5a1d3d5e98f6da108f

    • SHA1

      60b3d9d3bc7e9ea7cde728f5e42db11a856ae527

    • SHA256

      54ba425788c7adf7c0bd042d76ddef399933d3b6b0798386bc0b61fd565e9a6b

    • SHA512

      23475cf01bf75e0c1624a4f18f30ee4e994b9166c31141aec2fd5a5f99f86c20198ab64cf2c5a35280651a1145e447cd88e8d9fc8089975c58d0d7e68faacf84

    • SSDEEP

      768:iK+8VSMJtBfVVJQkxNU/aD/fELwGC40/MNK2ytug:iKtHBfVVrxa/IHi30/sKFtN

    • Score

      1/10

    • Target

      gdtad.jar

    • Size

      69KB

    • MD5

      11f5dbbb3878a12129159e95befab508

    • SHA1

      b2ab0b31241daa951bf2078b2ef68f1c9f3ed9c9

    • SHA256

      745bb36869db21946930e482e9293c0122fffb56c5c979355cda3633979af1d5

    • SHA512

      9f8a66e4e67355655ba96afa8a665b2887e694c7eedb55b51a95ffdb4979e2e3dc52c34f2782ee318b93bf3b03c08d379b0f59a5261dad563dba939fb5786327

    • SSDEEP

      1536:emvauBJ4efD71+LigF4TGx4K8Pl5CCz9JLxzKrPZE:xvD71+egF4TGmK8Pl5Fznk9E

    • Score

      1/10
