General

  • Target

    6e90769fb34833f2c2f41cfdcf89161a_JaffaCakes118

  • Size

    15.6MB

  • Sample

    240524-pyrxkadb57

  • MD5

    6e90769fb34833f2c2f41cfdcf89161a

  • SHA1

    0f4c6a92a61f43b503d42a9fc2456d264b281faa

  • SHA256

    1f026f42884e70ff6322745e687745b8a8d6d5db788a2ec0ea2abac6eb721b73

  • SHA512

    0a315f948feea2684fa1f1a90975fc9e22b4040b0478f86c12641049ecbf695e54f8fcbbc4c54370683013f1becac14f35ba34af6000f6301299c248ed12aa10

  • SSDEEP

    393216:yLI1Go7ecul9nq2bfwDPABT2MozUCSJ4oHvlUszsMbTvK0:OFpcul9S62y5JveqsMb9

Malware Config

Targets

    • Target

      6e90769fb34833f2c2f41cfdcf89161a_JaffaCakes118

    • Size

      15.6MB

    • MD5

      6e90769fb34833f2c2f41cfdcf89161a

    • SHA1

      0f4c6a92a61f43b503d42a9fc2456d264b281faa

    • SHA256

      1f026f42884e70ff6322745e687745b8a8d6d5db788a2ec0ea2abac6eb721b73

    • SHA512

      0a315f948feea2684fa1f1a90975fc9e22b4040b0478f86c12641049ecbf695e54f8fcbbc4c54370683013f1becac14f35ba34af6000f6301299c248ed12aa10

    • SSDEEP

      393216:yLI1Go7ecul9nq2bfwDPABT2MozUCSJ4oHvlUszsMbTvK0:OFpcul9S62y5JveqsMb9

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks