General

  • Target

    58ceabdae38ce170b9b0169a9af9d455_JaffaCakes118

  • Size

    17.0MB

  • Sample

    240519-gbzd5acg6w

  • MD5

    58ceabdae38ce170b9b0169a9af9d455

  • SHA1

    6342890af9fbcf85e65de0f4429bcf41de490868

  • SHA256

    ffbdf07351815896e8f2e1c93f7f3a0c401cebef7076c8f3c37f8126c02a70f0

  • SHA512

    00abe27bbc4501efe16dc511ea3bc8581d46cef7f0927a9e64c726824b4b898324c582826dc0913027901b83c1fcc13bb1535dd15ec2153d53c495ca6242a36a

  • SSDEEP

    393216:4mKhqEvQnselilzVdP7yp1L48U2Le4GOcTRLDKuK:4mKffX+0Bog54

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the phone number (MSISDN for GSM devices)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks