General

  • Target

    59016d4f26b5314555f75ac99d8aa1b6_JaffaCakes118

  • Size

    12.0MB

  • Sample

    240519-haeh1aee61

  • MD5

    59016d4f26b5314555f75ac99d8aa1b6

  • SHA1

    1f1602ba6c118e3b6c865a6a351e07e27f49b5ce

  • SHA256

    7c44e556e3864b03b733c0a7e3db4867926c9ae31d227e00ba4bccee88890f17

  • SHA512

    a667323e4f4387b073eb113370bb38a0e045edc7b0b77be784e3b8e0254e2f368424049971d28c515a52d9687c637035a0b2631ee612c1d0ec47645887c28998

  • SSDEEP

    196608:QkFMbLSFS0XUa0t/gSo/2RsTxZnr2T2oFkGa9KM1Z1aoDtZn8xjmJncKY+wKpluu:FFU0mt/gBhnCTMLgesozQmSKY+tplTYE

Malware Config

Targets

    • Target

      59016d4f26b5314555f75ac99d8aa1b6_JaffaCakes118

    • Size

      12.0MB

    • MD5

      59016d4f26b5314555f75ac99d8aa1b6

    • SHA1

      1f1602ba6c118e3b6c865a6a351e07e27f49b5ce

    • SHA256

      7c44e556e3864b03b733c0a7e3db4867926c9ae31d227e00ba4bccee88890f17

    • SHA512

      a667323e4f4387b073eb113370bb38a0e045edc7b0b77be784e3b8e0254e2f368424049971d28c515a52d9687c637035a0b2631ee612c1d0ec47645887c28998

    • SSDEEP

      196608:QkFMbLSFS0XUa0t/gSo/2RsTxZnr2T2oFkGa9KM1Z1aoDtZn8xjmJncKY+wKpluu:FFU0mt/gBhnCTMLgesozQmSKY+tplTYE

    • Score

      1/10

    • Target

      GbaBios.bin

    • Size

      173KB

    • MD5

      7b48f99c446a56a92d13fc5f12288c38

    • SHA1

      dcd91a94a1feef4cc1d118c1bc36af1656ff174d

    • SHA256

      816902665ecb91d8ed16de13390cb2107c0b0cee300ed8325b43cebdafa887b3

    • SHA512

      bf9e1df5420dc65fa81e7e415b64ca11880ae11fe90bace56f3b4682c31420270756b9a92e08f7569d683c51d51436a145d5dff6d927ce8cbbb0f08c11f6f6d1

    • SSDEEP

      3072:Nax5Le61pN09hA+uYbICsViXsy4fJcggMmjClbzl81kiJAL5T4w9:NQF1poEYkjYXN4fClMQAzqkiuL5TT9

    • Score

      1/10

    • Target

      bibei.apk

    • Size

      656KB

    • MD5

      99776a812f634f9afef10ed730db742c

    • SHA1

      7700196f5aecd2f9a5dab6b359a8f35c99cfd570

    • SHA256

      435f21f8bcd10769f9b5e374bc6329cadebdd7372b27d5c35ebb679d2fc89df0

    • SHA512

      42c8074697f7ff15bd381d5b6db6e25a796d8aee9e26d7238622333e475c34e3a71d544d8278e0cafb9bd876ae55f731e61093d783d7c7a4345c2826697d6bd1

    • SSDEEP

      12288:ZeaunND/l/zcsOI/349R9HlbbhgYs18vBkXPaFfYazW6Qoz6o:ZeDnND/RtOK3GnHxbhgYGOBkXgfi45

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information, which indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information, which indicates whether the system is an emulator.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator.

MITRE ATT&CK Mobile v15

Tasks