General

  • Target

    93502131eb88c4093df220e25a4e54ca_JaffaCakes118

  • Size

    12.4MB

  • Sample

    240604-b44xesgh9z

  • MD5

    93502131eb88c4093df220e25a4e54ca

  • SHA1

    4a28f993b540e9ca253da486d48ac948697901c9

  • SHA256

    aeed6b73622dbafa0afcdd711ea7584f1743b3fe5a504cfb85c1207ce17f4227

  • SHA512

    f1fae5479d4e444c1029cc36f8016e7e7f8bd26ceb86b875c4daf490cd3e2123922c8857c68e78c9193ec1749e093d2de77ce4171d910c4c388fc0e1bfb693dd

  • SSDEEP

    196608:7PSBMNY2dZxPuWGWt7QGjA0MGL6sWWEUz/WjwhWlyFNBRxoIhSJHO7rnJ5OduO4O:7qBGYYXuE7tAG6sZWjYWuvNuw3O4O

Targets

    • Target

      93502131eb88c4093df220e25a4e54ca_JaffaCakes118

    Score
    7/10
    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Target

      clean_robot.apk

    • Size

      138KB

    • MD5

      4b31ed065618d2553b64c83127ecf698

    • SHA1

      aa5cee4147e90c362e9f1e804f31af06cffd60c7

    • SHA256

      0ef662cefa04b69c128212edb3847a0b14876a52cd4175527c9489f87d0136cf

    • SHA512

      6febfe8d2ad16ded31439917775e2a032bfe3d01b1bb37461d3c104faeaa978fe5d771af5b845777575ace8007a0bd8bbc823314c41c0e4aec089209ee5c3fe6

    • SSDEEP

      3072:/5DT5xLlH4v9tmgcn6sQfqCeqR6Z188nWFcFXq80:/5DT/LlHQggK6heqR6IyCcF0

    Score
    7/10
    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Checks if the internet connection is available
