General
-
Target
6a3462584b91a2a0b427850067b820ce_JaffaCakes118
-
Size
3.7MB
-
Sample
240523-jd83fshf5y
-
MD5
6a3462584b91a2a0b427850067b820ce
-
SHA1
c145ca66bb74d02290c4826701b7889f6377db81
-
SHA256
54c3e1741e350d841c910e01d4c56f6691aec53fd6faf05bf9d31f7f3875b679
-
SHA512
416470d31d90b70b19212728323d4a9eef424760916ffacfcc93812b16a4a79143ef90a6a5e32524b86939d8cc468dc9e034a14e25d70a2a93674c56c4ec5f05
-
SSDEEP
98304:Nd1u4dde8dr4HeGhLZXYEIGH0GwbNk8vo:Dg0johLZXYEdgNkV
Malware Config
Targets
-
-
Target
6a3462584b91a2a0b427850067b820ce_JaffaCakes118
-
Size
3.7MB
-
MD5
6a3462584b91a2a0b427850067b820ce
-
SHA1
c145ca66bb74d02290c4826701b7889f6377db81
-
SHA256
54c3e1741e350d841c910e01d4c56f6691aec53fd6faf05bf9d31f7f3875b679
-
SHA512
416470d31d90b70b19212728323d4a9eef424760916ffacfcc93812b16a4a79143ef90a6a5e32524b86939d8cc468dc9e034a14e25d70a2a93674c56c4ec5f05
-
SSDEEP
98304:Nd1u4dde8dr4HeGhLZXYEIGH0GwbNk8vo:Dg0johLZXYEdgNkV
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads the content of photos stored on the user's device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1