General

  • Target

    8426a02b21ec3118dc73794de7aab295_JaffaCakes118

  • Size

    3.4MB

  • Sample

    240530-n5tt3agd6x

  • MD5

    8426a02b21ec3118dc73794de7aab295

  • SHA1

    4c4c58a749bd0c36d771386d39ad5dabd68ce770

  • SHA256

    36a465dba1ee2ba5dbb9380b3da1c2a2227db93b0dd30651f056ae85503fbe81

  • SHA512

    a275df5b98f412a66706db9fab6ec1af4e202098b349a8e4a8ee66a59c2d0900b0ea82e4c53f028ce316ded58086e0aceb2ea615077cceeeaead09702c323db2

  • SSDEEP

    98304:pdGrAdMGjbRROjBFcnBa9vRQGogBB1xFQZto:pkoWOn6RuW1xOto

Malware Config

Targets

    • Target

      8426a02b21ec3118dc73794de7aab295_JaffaCakes118

    • Size

      3.4MB

    • MD5

      8426a02b21ec3118dc73794de7aab295

    • SHA1

      4c4c58a749bd0c36d771386d39ad5dabd68ce770

    • SHA256

      36a465dba1ee2ba5dbb9380b3da1c2a2227db93b0dd30651f056ae85503fbe81

    • SHA512

      a275df5b98f412a66706db9fab6ec1af4e202098b349a8e4a8ee66a59c2d0900b0ea82e4c53f028ce316ded58086e0aceb2ea615077cceeeaead09702c323db2

    • SSDEEP

      98304:pdGrAdMGjbRROjBFcnBa9vRQGogBB1xFQZto:pkoWOn6RuW1xOto

    • Checks if the Android device is rooted.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

MITRE ATT&CK Mobile v15

Tasks