General

  • Target

    62bb4f928ade7fa2bdf25bd9fb21ddda_JaffaCakes118

  • Size

    12.0MB

  • Sample

    240521-kzkgnafe68

  • MD5

    62bb4f928ade7fa2bdf25bd9fb21ddda

  • SHA1

    6fafb32e6d6903a52207c455bdb061894fab27da

  • SHA256

    c51f962f13b03a1d2d29c156b2c3e2591aa005302488e220d1fc7a1437a79c21

  • SHA512

    b3a8eda0af549404c8c18f82dd1126ecdf35010ed3c0dc6c04aa3bcd1ddd22d9452feddbda0e3b48819acb245279fc7add3a92ae0e0b903c8b4be619502e4e1c

  • SSDEEP

    196608:ZTFglLAeW3simSmcqEvcEB8awNxxwsoBJeSje1vROkHCv5ex+liNLR:uLAeDSmzTE6rVwdBJApr+lw1

Targets

    • Target

      62bb4f928ade7fa2bdf25bd9fb21ddda_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks memory information

      Checks memory information, which can indicate whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      adbase.jar

    • Size

      112KB

    • MD5

      120fa34bbcbabdf144c2ccab45db5017

    • SHA1

      6f79a0de7e1398440cfcc37e10bb0088b7e8b5e2

    • SHA256

      65b910040ac1f627cd11b21507ae74daf449da456f3847ad80af29958c42be82

    • SHA512

      9e979a5d8609283ff6bc108c0e3c9ae033ede02b069b8147f759ae31d097f426f2c949d386a212c8669ba448081b6fe9ad79f1367fe407e206d6c4f5647875e4

    • SSDEEP

      1536:glFeC3ACHlSHDFbbjRirBYNdsi6pUOFxyI0EW0OaHGcuQOBkNrp5mR0sheg3:Gj3ACHIFEdoSi6pVDyB0RmcuQOBkxJzC

    • Score

      1/10

    • Target

      gdtadv2.jar

    • Size

      420KB

    • MD5

      f0ee7f7dd1ef4e5cd436ed6e1c609e5a

    • SHA1

      7d112abb7896294b075721b0200f0812ed65a418

    • SHA256

      0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369

    • SHA512

      5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be

    • SSDEEP

      6144:mQCx8Rp2KiQB/B4Qfdw3Vr/+rwWTLAUq3PwB32k59CruFIBSSAOC8hkIwx:ok/z/BJfdUW8W8ho4k59tSaOCckIS

    • Score

      1/10
