General

  • Target

    8a1c13fe7c771f81758eee59ca6e9194_JaffaCakes118

  • Size

    19.7MB

  • Sample

    240601-lys8vahc7y

  • MD5

    8a1c13fe7c771f81758eee59ca6e9194

  • SHA1

    4d032fcff0c2561925895afce1bde2d4b07cdacf

  • SHA256

    cd692cdb417a96364305cf29e9fdb33159da8848cf9f64fd2415c0f428ddeae2

  • SHA512

    2e1bc0f8c44390be7fbf797f41671ff8311e1b5fc38b09a5e1f87859d63bac995f117e51b89b8d8e70687cc432f53f7389cb79ceca9fe486c5694a4bf4c7c6e8

  • SSDEEP

    393216:r0KumqZC4mqqZTgUi/BcQMaqgszHneE9vH//bRHMna54cq+l7ihGU4:YlmqZCD5ZUUi/BclHneE9vH7VEa5BqO

Targets

    • Target

      8a1c13fe7c771f81758eee59ca6e9194_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Reads information about the phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)
