General

  • Target

    9851a816216e82e8ec7cc9f56ecca29f_JaffaCakes118

  • Size

    28.6MB

  • Sample

    240605-q3fkrsgh9y

  • MD5

    9851a816216e82e8ec7cc9f56ecca29f

  • SHA1

    d7b086b20b7db7b0b743967be27d34dce32dcb97

  • SHA256

    31c0e6475354800affb67479b8545ef4c4280630ebbeaad82a2fca0ab71b3d62

  • SHA512

    d7f2939c021994ba62399d7fa41c4b04cbae2d626ac4e657040e2bf0fdf6e699c37ae6b4e1183a248db143e2ea033a082fdef3762eacd9a4967161068fb75fde

  • SSDEEP

    786432:nF6y/S0ZTMDGRILXMwnoYB3DOayeqPOmUOdFd4hJgRwLju+g4bngx2:cynmGRIbMwnptDWPx1fkZnw2

Targets

    • Target

      9851a816216e82e8ec7cc9f56ecca29f_JaffaCakes118

    • Score

      1/10

    • Target

      downjoy.apk

    • Size

      10.1MB

    • MD5

      6a042858aaaebdb76129ce5c83d158b9

    • SHA1

      3f9d6fd17b0adc017b90ffb0f34b41be1654f1ca

    • SHA256

      7d1124f77f0907e5d8aa8e02e7e4cbaab3fcfe4df65dbe557bcc66a08e73bd43

    • SHA512

      05b335b7c8adcb78db984fae470ce65761a60ff4f1c32dc51659db7eda2aa5ed96435e8943c0a32b2995055bae23af89bc92df047e6fb845a666e2dae61f9bc2

    • SSDEEP

      196608:OBQQiLvEOh8RC9cdN8zWlqey1E3Um+JIfXNwlb10PHsBqMhLCHvlcIGiTc4RRxgA:2QQeEOh0N8zeqP1E3mmfOlb1ljhdoTh7

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries the phone number (MSISDN for GSM devices)

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
