General

  • Target

    5806cebacf767492da3612216e23cc36_JaffaCakes118

  • Size

    31.1MB

  • Sample

    240519-cgybssda48

  • MD5

    5806cebacf767492da3612216e23cc36

  • SHA1

    cdaceef1040e04d8d1c59afd83aec2c4d8f52412

  • SHA256

    9003085a97494fb60031783d8c79ea83b902fdab7dc329ce02ead81074814e58

  • SHA512

    3cc67e35e6b0b21353397bed2adb4b1e3402b65702ebc0af2fee9f43a7286cf302fc6cbee24919533c8366a902781b21625631e5ff1fdefc4e9a7b075baef34a

  • SSDEEP

    393216:1fsLCH9ex5gs4tY0qoZoBg/vm6J94bAGE81665kRJbsfdjuGNwFmUbaB6p1fR:1js5gsO8o//JmbAM6zJbsfx5NNb6h

Malware Config

Targets

    • Target

      5806cebacf767492da3612216e23cc36_JaffaCakes118

    • Size

      31.1MB

    • MD5

      5806cebacf767492da3612216e23cc36

    • SHA1

      cdaceef1040e04d8d1c59afd83aec2c4d8f52412

    • SHA256

      9003085a97494fb60031783d8c79ea83b902fdab7dc329ce02ead81074814e58

    • SHA512

      3cc67e35e6b0b21353397bed2adb4b1e3402b65702ebc0af2fee9f43a7286cf302fc6cbee24919533c8366a902781b21625631e5ff1fdefc4e9a7b075baef34a

    • SSDEEP

      393216:1fsLCH9ex5gs4tY0qoZoBg/vm6J94bAGE81665kRJbsfdjuGNwFmUbaB6p1fR:1js5gsO8o//JmbAM6zJbsfx5NNb6h

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads the content of photos stored on the user's device.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    • Target

      gdtadv2.jar

    • Size

      420KB

    • MD5

      f0ee7f7dd1ef4e5cd436ed6e1c609e5a

    • SHA1

      7d112abb7896294b075721b0200f0812ed65a418

    • SHA256

      0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369

    • SHA512

      5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be

    • SSDEEP

      6144:mQCx8Rp2KiQB/B4Qfdw3Vr/+rwWTLAUq3PwB32k59CruFIBSSAOC8hkIwx:ok/z/BJfdUW8W8ho4k59tSaOCckIS

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks