General

  • Target

    9a367e254e6fd77b7ad7efcc6e235a8e_JaffaCakes118

  • Size

    9.2MB

  • Sample

    240606-hz1sjaca56

  • MD5

    9a367e254e6fd77b7ad7efcc6e235a8e

  • SHA1

    ec43463bfc82fe6fcc55dbd7e7c1d5f02d1a1ccc

  • SHA256

    d8f69e5dfdc9a3455cdf072f2399f6fbe548626c02b1efdf604db978ef2b1fb0

  • SHA512

    296e490141cf47c9128ea0eda6d1a8d2564b678a6ec1cb6785c614a38b65af09f8dbda520bf33a52b59c86d2c2a7bc7be498c795349e4594d871cab1ef473bd1

  • SSDEEP

    196608:6oSZDVbrTUtACi/pTFyMiu6ac88sbFxttUGUqWT:6LfbrToAT/pR63/GFbT8

Malware Config

Targets

    • Target

      9a367e254e6fd77b7ad7efcc6e235a8e_JaffaCakes118

    • Size

      9.2MB

    • MD5

      9a367e254e6fd77b7ad7efcc6e235a8e

    • SHA1

      ec43463bfc82fe6fcc55dbd7e7c1d5f02d1a1ccc

    • SHA256

      d8f69e5dfdc9a3455cdf072f2399f6fbe548626c02b1efdf604db978ef2b1fb0

    • SHA512

      296e490141cf47c9128ea0eda6d1a8d2564b678a6ec1cb6785c614a38b65af09f8dbda520bf33a52b59c86d2c2a7bc7be498c795349e4594d871cab1ef473bd1

    • SSDEEP

      196608:6oSZDVbrTUtACi/pTFyMiu6ac88sbFxttUGUqWT:6LfbrToAT/pR63/GFbT8

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Checks the presence of a debugger

MITRE ATT&CK Matrix

Tasks