General

  • Target

    908b38647b2aaddc2ec7f317525e3b23_JaffaCakes118

  • Size

    12.6MB

  • Sample

    240603-e7lf2abe7y

  • MD5

    908b38647b2aaddc2ec7f317525e3b23

  • SHA1

    b32de269204d099091c5f41f941ef3715b3feabb

  • SHA256

    8013ecbb1f4d9bdfcd538b8bb7cdfd5c0d1005d513418dd22bba0e856136bf62

  • SHA512

    65c15e596736bfa7df30ceeeb1f1adfb9eb798de93add248d7036f2fe69688ae34c0c8d6472bbb94c6d0c4eb4428c967a9d70b44b585cd71a40b61af61ec4e8d

  • SSDEEP

    98304:NieLay0dFjZM2J4y0mwnUTN36SLyF93sgG/pS1BqfryiJQ6jYu6b:oQR0i2gU9dLQszr3JQi6b

Targets

    • Checks if the Android device is rooted.

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available
