General

  • Target

    6b2d3355e2b2d91ee90bdb41c4d9daba_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240523-rc4eksde9s

  • MD5

    6b2d3355e2b2d91ee90bdb41c4d9daba

  • SHA1

    e5f8e06a773b00082b628d10221ff17a44b3e9f1

  • SHA256

    59069daedf165cf0b2ae9fb8a379823350333457ed90e7919ce2c39107ad870e

  • SHA512

    cee1515e28b01e9b22c5e058dbec61f82dae7ab6286c8050e180413b0e69e27ec4e65a7ca3216b43c89078cfa53b8716263f894b38be829009b0d5dfcbe7bd1a

  • SSDEEP

    24576:ovLPFebqqXd6I776H/2JXg8AcYOw29pFWvv2C0C4OkPzLQ:oEbqqXd6I7k2drw29/WH2C0jOkPzc

Malware Config

Targets

    • Target

      6b2d3355e2b2d91ee90bdb41c4d9daba_JaffaCakes118

    • Size

      1.2MB

    • MD5

      6b2d3355e2b2d91ee90bdb41c4d9daba

    • SHA1

      e5f8e06a773b00082b628d10221ff17a44b3e9f1

    • SHA256

      59069daedf165cf0b2ae9fb8a379823350333457ed90e7919ce2c39107ad870e

    • SHA512

      cee1515e28b01e9b22c5e058dbec61f82dae7ab6286c8050e180413b0e69e27ec4e65a7ca3216b43c89078cfa53b8716263f894b38be829009b0d5dfcbe7bd1a

    • SSDEEP

      24576:ovLPFebqqXd6I776H/2JXg8AcYOw29pFWvv2C0C4OkPzLQ:oEbqqXd6I7k2drw29/WH2C0jOkPzc

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Checks the presence of a debugger

MITRE ATT&CK Mobile v15

Tasks