General

  • Target

    98cb1be8e44a46044584e3ea3ff5a94a_JaffaCakes118

  • Size

    31.6MB

  • Sample

    240605-v7t16seb26

  • MD5

    98cb1be8e44a46044584e3ea3ff5a94a

  • SHA1

    e47cafa69a4d5f4e2c941f3aac2f530774884ee5

  • SHA256

    657bd591f94eb07a9127be55be498078312a4603e0951726987ce217760106b4

  • SHA512

    1dc812e5f8d7c12d4bcb44f33d4257a9f9f015e2298ae68c440504853f16bc624b7219d68f32e554363cbb32cd0d34da2183f95715fc59d99f2a5c3b4b79f551

  • SSDEEP

    786432:13JUwn9wGa83xLgKA/SWGfUVGYI8NM5w+:5JBmGaHlGfw7hNM51

Targets

    • Target

      98cb1be8e44a46044584e3ea3ff5a94a_JaffaCakes118

    • Size

      31.6MB

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      com.alipay.android.app.apk

    • Size

      354KB

    • MD5

      7b3353b143078dbafd37485f8136728e

    • SHA1

      f2d312754bb2c4854849381997561d09a90b4fb9

    • SHA256

      e86f24838e0aa5527adf3d129652bf70b67990989bf7e8c8d61c3356231ce1ac

    • SHA512

      0f326957abeebaed130da1f6ec7a53de5dd9671d6ae7d975f2b6172af4c323df81efd0f6d4b8a1e4197d5dd35d4419c658f1c936a404bbf9d7e73ee71a5e06f8

    • SSDEEP

      6144:Iv8DL7okgHi/BBs3dWcfihtB7+Y3Ju4g2Tf5C8EcPK+WvyQcy2fny43:Iv67gC/BBsNWfh3VcG5CLE8Rcy2fny43

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
