General

  • Target

    9d6ee18795c552b6112d9564c32c73fc_JaffaCakes118

  • Size

    9.3MB

  • Sample

    240611-jclkrszclq

  • MD5

    9d6ee18795c552b6112d9564c32c73fc

  • SHA1

    320273bd8088bd838438b656de70642a6e911237

  • SHA256

    7a1a20240807361fa0daf1f6cceda0b335ae2ebd87edd2a2534f7429a8844e03

  • SHA512

    1e8957057d3b53e97019ed2777bac3da122617f5f0ddc1315e1ae6fe962bd1a8a27f9ea1590afb31089e7c167e47e26dc622d2a586cb5e243e633839798ae14c

  • SSDEEP

    196608:3B1KyP76WFzV1yXBZxhO+whfvfjO/qFZ6q9Em+41:pP7VRVwXGJhAqFZ/9E341

Malware Config

Targets

    • Target

      9d6ee18795c552b6112d9564c32c73fc_JaffaCakes118

    • Size

      9.3MB

    • MD5

      9d6ee18795c552b6112d9564c32c73fc

    • SHA1

      320273bd8088bd838438b656de70642a6e911237

    • SHA256

      7a1a20240807361fa0daf1f6cceda0b335ae2ebd87edd2a2534f7429a8844e03

    • SHA512

      1e8957057d3b53e97019ed2777bac3da122617f5f0ddc1315e1ae6fe962bd1a8a27f9ea1590afb31089e7c167e47e26dc622d2a586cb5e243e633839798ae14c

    • SSDEEP

      196608:3B1KyP76WFzV1yXBZxhO+whfvfjO/qFZ6q9Em+41:pP7VRVwXGJhAqFZ/9E341

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Target

      alipay_msp.apk

    • Size

      354KB

    • MD5

      89c04e1ebcd58eca6dd93211628ed0bc

    • SHA1

      7d1e77ce25a635299704dbd95bd95c697572ea9d

    • SHA256

      ee3c608fff51b313f4e0b3e542bedccb4d4db4c8eb44e63bf4be0d468e9ee117

    • SHA512

      3dccaeff9906401855f3071c91012926d7e9250674ea0bb89606e4862223a8343fc7b9369afe4e50031d261b45437107c018f565da5615c49721c3bf1bf6ed01

    • SSDEEP

      6144:cH8LfOo+BjGVN8TdW4zxgnm1Us3JuOK2vf5C8EcPK+WvyQcQ2fnq7:cHLxBiVN8pWggmlY25CLE8RcQ2fnq7

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Target

      alipay_plugin.apk

    • Size

      130KB

    • MD5

      c23a5f853ad6fc0a6e0044b9e03ed14f

    • SHA1

      49fa7916d1fc81a4a44c8e45d2d4765143699b4f

    • SHA256

      895be6aa104a36d9654e5e5f77b72db998763c38d5c472dff085731f74bde1dc

    • SHA512

      abf2cb50200717860fa25f2af33f2b2a9b40db13a9d2713fc0d051b0e68439996abaf56b9d92538a137eb34fd56431595ba1e857518cd53e0101f551527fb551

    • SSDEEP

      3072:C5M85/rPfM3qQ7yJkxH5MQuywZiTzFD667Vd:V6jfMN2JkhuywZidD667Vd

    Score
    1/10

MITRE ATT&CK Matrix

Tasks