General

  • Target

    54b617efa1fef3dca2aa9f5206281d4a_JaffaCakes118

  • Size

    18.2MB

  • Sample

    240518-pmgmfsbd9s

  • MD5

    54b617efa1fef3dca2aa9f5206281d4a

  • SHA1

    e7cff22e76520f416900709c7ff4c670c09bbf61

  • SHA256

    b29353c2cb19ac41401c9e1868bd7ab2a1e501cc5983ae443e39fba368c1f5eb

  • SHA512

    558fe966d71eda9d72fd10bb289c73b016deac4687201b951d6631b3b3c7bc363ba9b56732d7ebb2b5e0ebc1f9a076cae7de17f021691398f729072793a28d82

  • SSDEEP

    393216:TpwBG7NhtmRno/Rb7KKqX2qgJe9iIO2c6faWZw7ECNUk:iEPt8o/RQm13N2FtZynh

Malware Config

Targets

    • Target

      54b617efa1fef3dca2aa9f5206281d4a_JaffaCakes118

    • Size

      18.2MB

    • MD5

      54b617efa1fef3dca2aa9f5206281d4a

    • SHA1

      e7cff22e76520f416900709c7ff4c670c09bbf61

    • SHA256

      b29353c2cb19ac41401c9e1868bd7ab2a1e501cc5983ae443e39fba368c1f5eb

    • SHA512

      558fe966d71eda9d72fd10bb289c73b016deac4687201b951d6631b3b3c7bc363ba9b56732d7ebb2b5e0ebc1f9a076cae7de17f021691398f729072793a28d82

    • SSDEEP

      393216:TpwBG7NhtmRno/Rb7KKqX2qgJe9iIO2c6faWZw7ECNUk:iEPt8o/RQm13N2FtZynh

    • Checks if the Android device is rooted.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks CPU information

      Checks CPU information which indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information which indicates whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      blue.skin

    • Size

      132KB

    • MD5

      7921fce18f8cfc5ead84c4fed43e17f4

    • SHA1

      93227bc94b1aa60b8efcaab888640c38343d696f

    • SHA256

      c59da9a276b9566d8bf93ed2aff420185cef481c94d537bc2f67e099c1f5a0a2

    • SHA512

      24e315127bd60d5895da1edb6c9e44e01a670889d1a84beccab2a5215750094e1eaec9c320bde8cbfd30c2066142ac73fc93530d142d051f293042d8d9ca1882

    • SSDEEP

      3072:aM5ecpLAhBUWUbl1nbSM/tMHC01TiFD4+9CrVfQ:asKj8b9f0c4es5Q

    Score
    1/10
    • Target

      chunjie2019.skin

    • Size

      52KB

    • MD5

      0008211f603ce4caed742309f8d8bee6

    • SHA1

      057ae58f3af17b19a609dc562bc054aa74a86e63

    • SHA256

      c98df9871162d4e1bf8acb57485d7cd870758117ddebaee56c4b4367c477d409

    • SHA512

      f1872d17aed35f3ce393314705b07707c470c01da022a345af2ed5ae82b775360f2f607fe09229118556e14aed288fc17fb34288c12f04c6a06a7fc9115a8ca8

    • SSDEEP

      768:KrOopLJ68b2MlBDvTukWEx4UfEfZIWugr6CbgbXyQ1I9nbLNOfFXazJV0iTO07:KrOsJXbjXLCxfZhj6CbgG7nbia1rTOu

    Score
    1/10
    • Target

      fifa.skin

    • Size

      192KB

    • MD5

      474f24a54a283635b513496689f6baaa

    • SHA1

      03541581f779d068b406c3761000a970e8b816f2

    • SHA256

      537a2f8b040a298e1839dd8defa4be7ce7d0f028e5cc8ac97c82939e5ea303ad

    • SHA512

      d2202e9df964a1728153f6e00049d16944db2b9f20f0d82bdf2c01215eeed20bec7699ad5fd4008b30fd1880dde6a5ee3e37fb6aecfa89bcfa7ed457a3d5f8f7

    • SSDEEP

      6144:sPKH+hJa2A/puoxoAjBF+9/5mU6PluA8Mtze3s:sP9hJWxpFCmXluAvtzH

    Score
    1/10
    • Target

      gdtadv2.jar

    • Size

      639KB

    • MD5

      2a790fd5de797b91ec2039008c6b5e0e

    • SHA1

      5c28490eee21201bc596c1ca4c9bb546c5be7393

    • SHA256

      80681ec3d7b66ba02b3baaec467c90c75fd21d4d9eed3370e3e7a1a717bb454a

    • SHA512

      82b89bf7320802e26f55d6aa6b8f4056821f9159389e9ebff6ec3075daf8cda30d2a7449047310e64370be84b5cc1f9b9dc3e252582afb508129abd1c08b9c6c

    • SSDEEP

      12288:Oqo1h48mUSsielxZE3OdKzoFs3rAn26iwpYGIDD5tw/wDwkG3:Oq8h4CSs9xZjwrO28YGotw4cV

    Score
    1/10
    • Target

      ruantang.skin

    • Size

      63KB

    • MD5

      4799305769c82bcd0eb8659fafc2c7dc

    • SHA1

      7ea31e67ae1daeee9cb69ea1adf60b09450e5f05

    • SHA256

      3ddf5b33d110fc4a78cc5b02bbe171e1e358ed6d9b423aa7e02e63a9d92eeff3

    • SHA512

      a8768f3fd5ded67406849dfdf3761765fd15c6398aa2aa2ffbb6c20ebd02d20d90e39b356babc838dbf69f29cacdb92e8067c9ea0095f53f49f7fc295be5807a

    • SSDEEP

      768:BAVDIMuiRLHX7BzAXTCSAH7nsW7WrCmYUM9SX92Y6hn1Jj6ctjSHsZ/IZuMQjM/b:BCMHi12CdbnGJM8e11vtuHsZQQ0b

    Score
    1/10
    • Target

      spdex.jar

    • Size

      760B

    • MD5

      bd3722096241f5f437f9db5053261d02

    • SHA1

      7208e0dff844800b57ee693e9f3c3f7cb4f908a9

    • SHA256

      f8bffa2787d64e284dd4aa5ceb7ee65df5c8d6610396ab21ba321fd6753eacb4

    • SHA512

      c2aaa80a549284f1950718a98e3832ba38344ccd2b0eeb4500ea305daf27a5f854ff73a09d4147509785c71b7c647053f22b04b086b9d725e6a286f2b04a8ea7

    Score
    1/10
    • Target

      vip.skin

    • Size

      23KB

    • MD5

      02e87ded070dff31fec1ddbae19b891d

    • SHA1

      f2a4e69e487a1479ffd50b61519703021bdaac0a

    • SHA256

      2e22c6d2577d55a5aadcf2baddbf3840c8bec58a0baab813c517101c42c4e961

    • SHA512

      3aa4ea6dc34b59f3d25933f6486e1d6a581dc699371f5949dc8cc8537ccdb9f8194a9a85cae68532002184b28cfe3c3078f4d6aafdb3c8fd2ccb62f86dd04845

    • SSDEEP

      384:e9OX7W9ONXl180jDputjXO4thtsOLBu8WdtjgU3g1vgtV7I:euWI7H3psj+4dBMdxC7

    Score
    1/10
    • Target

      xiaoyongyuan.skin

    • Size

      84KB

    • MD5

      621c56ae2a51e990941e53cf9bd0c262

    • SHA1

      ed74fd3b01e3edd2aee05bf6357b926017b5a5fa

    • SHA256

      020a5abd15bd04a48d470541e4e1f87d888601bac0607780735243ccca859923

    • SHA512

      f404a373e35786ffc3d8c464a115e97a35db92133e65b3e0362e302552c35a55ea8901634ce527248926bee671a6b0e47536f309ca623cf7db7cca139b035159

    • SSDEEP

      1536:hpvc+EoIdeKeKeKeKeKeKeKeKWSHLAY8xreSL/VDhokKPaR+x3LVAZBf5:hpvc++deKeKeKeKeKeKeKeKWOL18p3t9

    Score
    1/10
    • Target

      xiuxian.skin

    • Size

      156KB

    • MD5

      9119abec9a4e1b655e8e943078d2129a

    • SHA1

      18e6c54331610a01d8232dae790cdaa284b1830a

    • SHA256

      2085111f93e96cd976aaa8b173a1bee0c0853cd4025e3b24c56663edf548fd89

    • SHA512

      52a5f4deef48e1c71b5cf42d16d323ec05ee8be2662f95cad6ec16edbba5fef1ec8f28cedff58a6ac1952090b1ca23c6923acc67883fbde0a994b6d4175c2226

    • SSDEEP

      3072:a4/Jb4IfZoJ5/ACC1kb8btQqKoaFv8s+TiSRAbiz8YPkAJ0jl:a4/JUIxiG1yYGqZsuiSRAbrYMA+Z

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks