General

  • Target

    898de4542a109366fb207ec4322a46b5_JaffaCakes118

  • Size

    10.4MB

  • Sample

    240601-grrn8acg94

  • MD5

    898de4542a109366fb207ec4322a46b5

  • SHA1

    0c356fa428aa7350a58a6f07d0b21b099f87c3ab

  • SHA256

    99bb2e369a80fed4c28aefc4141ce2c2efade6f71b2d878444d9fe776ebaa7c1

  • SHA512

    c76e15b098e22392460ef444292e8dd32c2862fb421918c5fa60cfcad1941d7d55542ff3a9f2071f9dafc1cffc7fef36bd29e959716f35af726d883e0afefd2c

  • SSDEEP

    196608:rjUsDa1WHiQAg1VmPjfm9t/smBpRIfm3nd1U+OFNF7inlTmjg8fp5C+AT:rjUkc9Q5+LZcKu1UxF37cdmzp5LAT

Targets

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Domain associated with commercial stalkerware software; includes indicators from echap.eu.org

    • Queries the unique device ID (IMEI, MEID, IMSI)
