General

  • Target

    91451cea3589211c691c39dfa8ee9296_JaffaCakes118

  • Size

    4.8MB

  • Sample

    240603-lcq7csaa4y

  • MD5

    91451cea3589211c691c39dfa8ee9296

  • SHA1

    aaef9b896bd8ce1afbeca706a748affc635cb76f

  • SHA256

    f64e3527dd7a9fe72687fdb7b191ac55e21404a10a7823adf88558756f6261c8

  • SHA512

    b52fed22943bdfe38cd9cfd0d7aa9cd74fedb2232f3f8ae9f5bc7d31b15c39e4baa44044e43e5a2f9b77dbb3fd560f4e6164e9862582f98ed99b32621e515631

  • SSDEEP

    98304:V9azSX1djQ2vZdvZirT2JNqGqe8ewMbBpiX4IOJLQ0V6:V7f7xVW2JUG9KMqX4IOL6

Malware Config

Targets

    • Target

      91451cea3589211c691c39dfa8ee9296_JaffaCakes118

    • Size

      4.8MB

    • MD5

      91451cea3589211c691c39dfa8ee9296

    • SHA1

      aaef9b896bd8ce1afbeca706a748affc635cb76f

    • SHA256

      f64e3527dd7a9fe72687fdb7b191ac55e21404a10a7823adf88558756f6261c8

    • SHA512

      b52fed22943bdfe38cd9cfd0d7aa9cd74fedb2232f3f8ae9f5bc7d31b15c39e4baa44044e43e5a2f9b77dbb3fd560f4e6164e9862582f98ed99b32621e515631

    • SSDEEP

      98304:V9azSX1djQ2vZdvZirT2JNqGqe8ewMbBpiX4IOJLQ0V6:V7f7xVW2JUG9KMqX4IOL6

    • Score

      1/10

    • Target

      launcher3.apk

    • Size

      4.0MB

    • MD5

      9e164feeb01f6420fec87e069e42326a

    • SHA1

      ccddcfc2ff287855bee059c0a591f4ce6bb6a4b0

    • SHA256

      89989a05630ecc7bd7be28ed77f9cbfd1c74a5612aa7c4470bf1e977132afb80

    • SHA512

      6bf5021114a47fc59e89dfcb19b5c07a2e195c90962a2d8a30891d7369251cc25dedfb13b0dbe1b480e6f649620fdad91cb956357330ada59d1e771adcc1015c

    • SSDEEP

      98304:e9azSX1djQ2vZdvZirT2JNqGqe8ewMbBpiX4IOJLk:e7f7xVW2JUG9KMqX4IOG

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads the content of SMS inbox messages.

    • Reads the content of the SMS messages.

    • Reads the content of the call log.

    • Registers a broadcast receiver at runtime (usually for listening for system events)

    • Checks if the internet connection is available

    • Changes the wallpaper (common with ransomware activity)
