General

  • Target

    892dbc130381ce2e5c30d217278d0a95_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240601-ddcflagb39

  • MD5

    892dbc130381ce2e5c30d217278d0a95

  • SHA1

    04bcdfd92520f5d2bf4dd9ffedd3780bc2612f02

  • SHA256

    2efecbc5af43900f7419e715d89c5fffefab85fe1878069d78b26c8a7be503d1

  • SHA512

    526c063e339da0501fdf89a6d4e4c4962e6ca8bcd79be138bbb8e14e1cbae38b27ed105bfe95df90e9aa3f6f298f338f0e992799fb61d7725592a2710fa2537b

  • SSDEEP

    49152:RwefmsHQybsilRgt9op/KzROu1m+rnsJxzQWapuLPfrDgbAcii0mAnGTxpe:GeftbZlRgt9o1mRE+rnCQezXY0mpxpe

Malware Config

Targets

    • Target

      892dbc130381ce2e5c30d217278d0a95_JaffaCakes118

    • Size

      2.9MB

    • MD5

      892dbc130381ce2e5c30d217278d0a95

    • SHA1

      04bcdfd92520f5d2bf4dd9ffedd3780bc2612f02

    • SHA256

      2efecbc5af43900f7419e715d89c5fffefab85fe1878069d78b26c8a7be503d1

    • SHA512

      526c063e339da0501fdf89a6d4e4c4962e6ca8bcd79be138bbb8e14e1cbae38b27ed105bfe95df90e9aa3f6f298f338f0e992799fb61d7725592a2710fa2537b

    • SSDEEP

      49152:RwefmsHQybsilRgt9op/KzROu1m+rnsJxzQWapuLPfrDgbAcii0mAnGTxpe:GeftbZlRgt9o1mRE+rnCQezXY0mpxpe

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks