General

  • Target

    98dd3a2db7f4767e7f29729fa88a3d35_JaffaCakes118

  • Size

    4.5MB

  • Sample

    240605-wmw6gaef29

  • MD5

    98dd3a2db7f4767e7f29729fa88a3d35

  • SHA1

    352285bda0ac6748f9e58a0161262213efef8dad

  • SHA256

    e83e4c95cd1f23babae982de2c2edc7c91cd78a04258999afd4037f8df9ead92

  • SHA512

    7deb06d1c98bf8f47d33522850932621653f00d5b068af171dff48b6079222b27e5c4f09da104dae0f635b6c9710fcc9039cee9c7b855acf24f5998079bb3840

  • SSDEEP

    98304:DR4pdLaDS/qR0uQo608SXzCAsajJOR81hGW7c:DR4pQe/qRgk8sz5x1hGGc

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Checks the presence of a debugger
