General

  • Target

    8a7a20c2c5e0ac7e9c23178c9e78e5f3_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240601-pk6tkacc5t

  • MD5

    8a7a20c2c5e0ac7e9c23178c9e78e5f3

  • SHA1

    aebc9a0c274b54bcefbc5a498874eed6e4144fe9

  • SHA256

    919b35f03d7582c4071015958dbd2fcec70d18289aa018a3ae7193d1917cc87f

  • SHA512

    f908b3d44878f2200c2e7662672198a30c05bf04dba48f0c10b2169013a3bd59c545de0b62964d3aea0410defba2c636169129eefabd88b2b7e1305412cb059f

  • SSDEEP

    49152:qNVKqH4r7AZoipvvwp3bviaUBnbahyU+rRSJ2h:qCqHnpIprvi7agqs

Malware Config

Targets

    • Target

      8a7a20c2c5e0ac7e9c23178c9e78e5f3_JaffaCakes118

    • Size

      1.9MB

    • MD5

      8a7a20c2c5e0ac7e9c23178c9e78e5f3

    • SHA1

      aebc9a0c274b54bcefbc5a498874eed6e4144fe9

    • SHA256

      919b35f03d7582c4071015958dbd2fcec70d18289aa018a3ae7193d1917cc87f

    • SHA512

      f908b3d44878f2200c2e7662672198a30c05bf04dba48f0c10b2169013a3bd59c545de0b62964d3aea0410defba2c636169129eefabd88b2b7e1305412cb059f

    • SSDEEP

      49152:qNVKqH4r7AZoipvvwp3bviaUBnbahyU+rRSJ2h:qCqHnpIprvi7agqs

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

    • Checks memory information

      Checks memory information which indicate if the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

MITRE ATT&CK Mobile v15

Tasks