General

  • Target

    9551a105f36689c7ac8b7483e93b0287_JaffaCakes118

  • Size

    11.7MB

  • Sample

    240604-slxttsbg75

  • MD5

    9551a105f36689c7ac8b7483e93b0287

  • SHA1

    9404849a13e1bc5464586467387a9caee183d112

  • SHA256

    6aab3785fc8fb5217ab13b6a8a44db268d3de0886f2ccc80c683139d351263f4

  • SHA512

    682f550f5b2660fcfa91089fe1b009d77c20c9a4ef5e95f38ee99bd9d21dc308a706fb3e46662587e782fde39b8f3f7e5d6e384d0023f7bec69a2557639ba03e

  • SSDEEP

    196608:gHS1Rx0StebH/p7mS2oya2RVieaNLkdmfRkhLpLN3tzDh3BoZOumboa36k6q0uW5:gy87p7n2o4TTcLkspkFd/Z3BoTmboa3m

Malware Config

Targets

    • Target

      9551a105f36689c7ac8b7483e93b0287_JaffaCakes118

    • Size

      11.7MB

    • MD5

      9551a105f36689c7ac8b7483e93b0287

    • SHA1

      9404849a13e1bc5464586467387a9caee183d112

    • SHA256

      6aab3785fc8fb5217ab13b6a8a44db268d3de0886f2ccc80c683139d351263f4

    • SHA512

      682f550f5b2660fcfa91089fe1b009d77c20c9a4ef5e95f38ee99bd9d21dc308a706fb3e46662587e782fde39b8f3f7e5d6e384d0023f7bec69a2557639ba03e

    • SSDEEP

      196608:gHS1Rx0StebH/p7mS2oya2RVieaNLkdmfRkhLpLN3tzDh3BoZOumboa36k6q0uW5:gy87p7n2o4TTcLkspkFd/Z3BoTmboa3m

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of photos stored on the user's device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks