General

  • Target

    5705efd0bb46b54917be227797f582bf_JaffaCakes118

  • Size

    31.3MB

  • Sample

    240518-1w5anaaa21

  • MD5

    5705efd0bb46b54917be227797f582bf

  • SHA1

    35256b8f8e18bea9b42e09e16052ae6d64399855

  • SHA256

    267f006ffebca36ffbdba8470e55ffb8dfcef15a2096034549abc67acbbc5400

  • SHA512

    dad0c874f44740414677e3bb3c2eb9426946b707e1baccc5bcaa0e52a110a832a56b292b798adaa4975fe331195d2cdf5359ae69539af2a173169aa2cbf0852d

  • SSDEEP

    786432:STxq4GZjbjH2FyE8UyGGH4od67VpbZ+0VNn1J3vXDo:STB8bVnfQJNZ/jfDo

Malware Config

Targets

    • Target

      5705efd0bb46b54917be227797f582bf_JaffaCakes118

    • Size

      31.3MB

    • MD5

      5705efd0bb46b54917be227797f582bf

    • SHA1

      35256b8f8e18bea9b42e09e16052ae6d64399855

    • SHA256

      267f006ffebca36ffbdba8470e55ffb8dfcef15a2096034549abc67acbbc5400

    • SHA512

      dad0c874f44740414677e3bb3c2eb9426946b707e1baccc5bcaa0e52a110a832a56b292b798adaa4975fe331195d2cdf5359ae69539af2a173169aa2cbf0852d

    • SSDEEP

      786432:STxq4GZjbjH2FyE8UyGGH4od67VpbZ+0VNn1J3vXDo:STB8bVnfQJNZ/jfDo

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Requests cell location

      Uses Android APIs to to get current cell information.

    • Target

      kyx_data

    • Size

      3.6MB

    • MD5

      7b303ed0278ecd45e9dfd24ac7585fe6

    • SHA1

      618a10ab980dbf76a90c09d3e7579aafccf85040

    • SHA256

      a5d7512b741107d6279d08556ad5baee40efac5e0ca0259f0f434daa0e5efdce

    • SHA512

      c6d3b08d7f2deebd3a816ee6e61da1562ceb4460bd26c1ee4945824affc9710996fde7a16b0d9ce5241f3010b89d4c1d5ccebabea2809f87ee448b83b5fecc0a

    • SSDEEP

      98304:XCLBOUCaA30tumBfOs9E0gjzOiu0aePJ8yQ04gQWaqdbYWM:4d8kFfS0gjTu0HK84gQWaGm

    Score
    1/10
    • Target

      AdServer.apk

    • Size

      1.1MB

    • MD5

      ea9fc2de2713d361828a7165d3f03143

    • SHA1

      3b224e1a4d0c48490a1a59658ba65f544d9d94f5

    • SHA256

      6ba8f554ff53f40d4e822a19dd0861dbb9216223de8e6080dd21797693cade2a

    • SHA512

      a5294c01891c0b3decc69eb71f4be4499c57525b137df0ab7b8e885f00e59a4aacf86048cee212e05311f18e22859f59c1ccf08768b2a4e1a59043bef93bae5c

    • SSDEEP

      24576:sexlNPLCOJqI7efCr8vTbmTttkKilybtQqjAysPf0+Ym4Hf+:zBOU7ear830tup4BQq9awm4Hm

    Score
    1/10
    • Target

      analytics_core.apk

    • Size

      159KB

    • MD5

      d2e90bb505f20fc73baf25805b0273aa

    • SHA1

      240fbbfda194a65761baed6f3546bc4c744a1850

    • SHA256

      77060ad812f5e6e9e896c39bc548f8295238eaa9941e1986e8e024e7d2114309

    • SHA512

      c2ef3f79b6cfb171b0904ff8138238cbf985344d91d6d9ec35472d14233d1b108cc0234259e8286cbb099747cc8d9d2f74c8c7394ab3a6dcfc2cc95e168c8c85

    • SSDEEP

      3072:/vnDHScqJUCqi8p27PhJkqOjvxSWnNoPuKAaSWk8V4rpCPd7H7sl3eX0emR7KDD:7ScaCioePDaZdnNdFDJCPJoKvmtiD

    Score
    1/10
    • Target

      gdtadv2.jar

    • Size

      127KB

    • MD5

      6908bde3c0b57a2a5a44acc88d11acfb

    • SHA1

      a4c06ad5d350dffecafcfaf28cc49a2ac8c59b0e

    • SHA256

      526cea1af82164da4519013f0b8df0c7eebb4987cfd66fb59fa04d4560aad460

    • SHA512

      19aec72e94381a846bf5834ad38af5b7701f0d242d33286e8650c15dacdb4e27c9b5fb2222a4f6a657758df1cfebc1862670f568a76b9f1adab535da2a597bb0

    • SSDEEP

      3072:x6aPP2Y+Li8x9zRMCnq9kHC73v/2z/0TMfyhzpzKb/p:xH6LtbnJi72DXyCDp

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks