General

  • Target

    646fda730338bd937f8d72555ce25904_JaffaCakes118

  • Size

    6.0MB

  • Sample

    240521-xvn1hafd7v

  • MD5

    646fda730338bd937f8d72555ce25904

  • SHA1

    784b57cacfbc09689756404488adcce60f72d459

  • SHA256

    05eac2955df3cc2b34ed3447fbf104f7ebee1939902c529f49c1c313563cf909

  • SHA512

    3b390ef0cb6edfd8337c59d7d2d040ff1c99e94960bb1eea1b75b98c171325575b952e202599b24f91ffd69bc5e51dc11d092b61d7d2657d55d44c674554791a

  • SSDEEP

    98304:pmpWi4RBpM+A9S6YpiHowGi0fRou0Y/YjbQiWcrfyvkaf2I/4V7Gbf3J+3ZQJmSF:pmpJ6MV9qiIdRR0Y4bmcrfyvf2IeGbfz

Targets

    • Target

      646fda730338bd937f8d72555ce25904_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)
