General

  • Target

    5532b6ec2fc16f6fd392c3f8bf0ce825_JaffaCakes118

  • Size

    7.9MB

  • Sample

    240518-rvl81sga64

  • MD5

    5532b6ec2fc16f6fd392c3f8bf0ce825

  • SHA1

    977e88ff5e5f2d011e8e24141d42867919e40b53

  • SHA256

    75a740ac09e021ac44f55fa0e13df1915bfa1de54dddcb4877ea1ca02ed5a2c7

  • SHA512

    38770511428d00ac2c9487e6d2c14ff99284660480071e27aff4cf958ea124099c82ea059e9f6d579cc813830eae3fd954d58133dd547b705ed38300232af139

  • SSDEEP

    98304:bekdzffWXqJ7qIbzSaneRcnbeID3saLqrVLtKxqCnik8Az49RtD:bekZfuXqvPSsycRWrnKxPikDc9RtD

Targets

    • Checks if the Android device is rooted.

    • Removes its main activity from the application launcher

    • Checks CPU information

      Checks CPU information, which indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information, which indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available
