General

  • Target

    893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118

  • Size

    25.0MB

  • Sample

    240601-dqlvssge66

  • MD5

    893712bf04e24bc52a549fe98a2eeb38

  • SHA1

    cdf2b46835688b6fc8669a33eea196f6e6bf49be

  • SHA256

    fb2577dc8ae8aa74b97c834fe83e1a955a946624573e243f37fe357879012228

  • SHA512

    aaab889b9e81f17c01990d63aeb8b26f8d47058d799de7fa7c073e47f84155865ee1c30cd32e11869aa3f5cafe12adc52e60150f83c423119efcaed32582fede

  • SSDEEP

    786432:BM91gL1307gaZCLO+8WpttmDksXuxEORzniMtg+xssV5Ls1/w5NQ1:AiL1kBWO+NtkZuaORzzthx5eWNk

Malware Config

Targets

    • Target

      893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118

    • Size

      25.0MB

    • MD5

      893712bf04e24bc52a549fe98a2eeb38

    • SHA1

      cdf2b46835688b6fc8669a33eea196f6e6bf49be

    • SHA256

      fb2577dc8ae8aa74b97c834fe83e1a955a946624573e243f37fe357879012228

    • SHA512

      aaab889b9e81f17c01990d63aeb8b26f8d47058d799de7fa7c073e47f84155865ee1c30cd32e11869aa3f5cafe12adc52e60150f83c423119efcaed32582fede

    • SSDEEP

      786432:BM91gL1307gaZCLO+8WpttmDksXuxEORzniMtg+xssV5Ls1/w5NQ1:AiL1kBWO+NtkZuaORzzthx5eWNk

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs an executable file dropped onto the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Reads information about phone network operator.

    • Requests dangerous framework permissions

    • Checks the presence of a debugger

    • Target

      Letv_Ads.apk

    • Size

      144KB

    • MD5

      088e32ab9afe0b0952927d20903cb6a5

    • SHA1

      dc1ff5b9e4782ea39867a5c5e43769c4291596ce

    • SHA256

      412f73e1dd3a506f475ecba46aaae75ebb174a4427b297c0f768bf6e569b9b39

    • SHA512

      1754c9984bd263579d41b10911f68aff45704cc4073f90717836cff12a0473dd55963be1cef5cc0760b93b1e825cf7189ff272c9a303f877c12277fe3e19db47

    • SSDEEP

      3072:u2RrirO5YbqEBATAZW9zyMTdj7TBM/7j7ZW0:u2RrGO5YbqEBGAuyMTdj7l2Tl

    • Score

      1/10

    • Target

      cmf.plugin

    • Size

      13.4MB

    • MD5

      2f702847746786a83f3cf64a768a6ee1

    • SHA1

      208b559ef59a8db9ac345ffd68db85f7d796e449

    • SHA256

      189566003e746cdbd67f051731bf1e034aeb8a66b389abc405cf654bb14109bf

    • SHA512

      3623d5d48000e62ec7f23155cecdfdeb2d31998dfcb6e26c4c414702db42092ff4340dc6ddeb8aeb2156d62dbb9c9f79d02020f8cb8d075e923d9d15c626106e

    • SSDEEP

      393216:LcsOnUya1U5hy/1NnKGHHgcnKVOhCYK33P8frjjOsDJV2K+xsBx3b7RO:XOUjU5hytKGHAcwOhCb33PynOsDXzZO

    • Score

      1/10

MITRE ATT&CK Mobile v15

Tasks