General

  • Target

    954e7fd1f9151db65eeddbdb4c04b009_JaffaCakes118

  • Size

    30.1MB

  • Sample

    240604-sh512abf92

  • MD5

    954e7fd1f9151db65eeddbdb4c04b009

  • SHA1

    c09a286a2a396e26f1afdb71b15cc9989280ef30

  • SHA256

    1ec4503f935165e4aa3a7db6cd77bfb300f06c15c54b5bcbdc6635f83bc23870

  • SHA512

    b1fe753733081e1724369ea1861f22878c87d911680040a06fe4cd3ae49d79b97830295f0ab82d4fded3145520472446e2e228d6c1c207fc1b5ef4766a058737

  • SSDEEP

    786432:vGYmWe11M+KfflQ6gB2y5MCnXzGb4eLKrm2x:je11rKfflFyXjd

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks