Resubmissions

General

  • Target

    6bdf49e9738a7824e0ddc7996b2e41e9_JaffaCakes118

  • Size

    30.4MB

  • Sample

    240523-w5hqssbh77

  • MD5

    6bdf49e9738a7824e0ddc7996b2e41e9

  • SHA1

    599dfd793096d670fd4010336a958e9a93dd094e

  • SHA256

    4ab0e6ebc50e65e6ba3182e353430d451e1fc0674c5e812aff31a58f248a925e

  • SHA512

    6572e16e14ef0d51ad81906b3e38dccb4a3b67b61fa600388edc843eb553ff76c11c2f5c7b9917ce15c67af69670b2cb06fcf24baf5efcb2b32742ab80114a6a

  • SSDEEP

    786432:oI0h1bIC7b+oMZqJ5AVZPfssEmjuDySCX0WWQPUIe8:y1MC7b+nIAzPfssDiDytX0lu

Malware Config

Targets

    • Target

      6bdf49e9738a7824e0ddc7996b2e41e9_JaffaCakes118

    • Size

      30.4MB

    • MD5

      6bdf49e9738a7824e0ddc7996b2e41e9

    • SHA1

      599dfd793096d670fd4010336a958e9a93dd094e

    • SHA256

      4ab0e6ebc50e65e6ba3182e353430d451e1fc0674c5e812aff31a58f248a925e

    • SHA512

      6572e16e14ef0d51ad81906b3e38dccb4a3b67b61fa600388edc843eb553ff76c11c2f5c7b9917ce15c67af69670b2cb06fcf24baf5efcb2b32742ab80114a6a

    • SSDEEP

      786432:oI0h1bIC7b+oMZqJ5AVZPfssEmjuDySCX0WWQPUIe8:y1MC7b+nIAzPfssDiDytX0lu

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Reads information about phone network operator.

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

MITRE ATT&CK Matrix

Tasks