General

  • Target

    9b0197f8a39cf0a9bd8b0f9c9b204b13_JaffaCakes118

  • Size

    6.2MB

  • Sample

    240610-rxrarazepk

  • MD5

    9b0197f8a39cf0a9bd8b0f9c9b204b13

  • SHA1

    f693bde3335a3c7b8c4fe4911ea0f470b9a3d2d5

  • SHA256

    e34e11bfbe8ab7a2b734caf5b107ef0e1d5c56f497cf4e4866a4f1820a155968

  • SHA512

    287f425eee96a67c67fd05535b4e6c39b6b8242dd6a14e37406e1b948287a664cdb51d9f3ce267df0ba8fd1801db1c51041706469955b3a7b1566c95b483b6ff

  • SSDEEP

    98304:T28hkUQr7dlcGRXVec2JWu3+PFFruph4FfMae7pl1z1mb1vMHDBebRFKkt2Z/jLb:MrfbuoXQxmRMHDRk0nQDzs

Malware Config

Targets

    • Target

      9b0197f8a39cf0a9bd8b0f9c9b204b13_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about the phone's network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks