General

  • Target

    679b1be11616efb8e3aabcbd679c344e_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240522-r1nzssef8w

  • MD5

    679b1be11616efb8e3aabcbd679c344e

  • SHA1

    ab1606c851d8f2a800f57bd6d8cf6ff868db68bc

  • SHA256

    b895e8d27a676d5d3559e64027a0e0480848abf1aaa6bf8816b57239f9681228

  • SHA512

    20de519d8d6c519c53f126a5602c6dde38f650521cdfe67cdd02a542aea7c9b3af087d8b354f72a4a152ba8a8ea65ef92c7c4a3234f2d25b21e8321f8dacb814

  • SSDEEP

    49152:qmJgNofS40Hn7thEtP4M4k1oLfKQmnA73ZWw:ZgNoFKQ4bAszmo

Targets

    • Target

      679b1be11616efb8e3aabcbd679c344e_JaffaCakes118

    • Removes its main activity from the application launcher

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
