General

  • Target

    904c16c5c0111cbb0b4aceb3ccab8699_JaffaCakes118

  • Size

    30.0MB

  • Sample

    240603-c9s8jsge9s

  • MD5

    904c16c5c0111cbb0b4aceb3ccab8699

  • SHA1

    472c92b387e01f7192dc15d0c1977a1a81002b89

  • SHA256

    20158e32fdcc696bfe5cc3f3e76e6b5f0db6d5efe7af099d86c81121de330218

  • SHA512

    937a355b6c32d2d59bbee595b6c7dbf9e6ca3ba75af152f847e124ee2b85c4735527aa632bed642ef1e589ea337568926ed033b5e72d941b3c3fefb7c8b9a733

  • SSDEEP

    786432:lhDnz9Ze4FPQV8gwvt7lzwBlA4mDOixg2Y/iT:vnz/e4hQO7tlzwBlA4EC5g

Targets

    • Target

      904c16c5c0111cbb0b4aceb3ccab8699_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Acquires the wake lock

    • Checks if the internet connection is available
