General

  • Target

    640aec0fe2a5a2451ba1db7824f8cfec_JaffaCakes118

  • Size

    17.7MB

  • Sample

    240521-vez2qacd3x

  • MD5

    640aec0fe2a5a2451ba1db7824f8cfec

  • SHA1

    0439d55fda1e34100e27b8bf2b24f645401b657d

  • SHA256

    6d0fd07c1697fc7de65e3b0275fffbd5a7635ff4f9a9f0314900ce460b155b96

  • SHA512

    2ac178b92c918324084f5812608cd883de5d0ac7fb91099919b4202a60f387054c330988a9bec4055067a4a71af6fdf5159bf4972d2ae512639e910f9365fa15

  • SSDEEP

    393216:xBNfv/7CuqQkxPxBFy5nfJQGmcla+KmMCkTbU/kvNhgM:xBZzjq/i5Usb1AI/ShgM

Targets

    • Target

      640aec0fe2a5a2451ba1db7824f8cfec_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
