General

  • Target

    9e92e543ada1fda53791aebfc33896d6_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240611-sakecs1frl

  • MD5

    9e92e543ada1fda53791aebfc33896d6

  • SHA1

    684f1f60361c887caedd77e30296e443541c75b1

  • SHA256

    2d9ab31168e0bd47a62743e37dab92861f593974bde5d7e0f569ff93dbadaf7a

  • SHA512

    aacd59db6710fba1baf1a0c2da882eb94a16c546fff278fa9531a5d7ab2cc01348aebfc19807c99fd8b87ce72b93a1883b5eca7768665623bf56313b6d4b0e95

  • SSDEEP

    49152:K14WIvKJbecqsPZ/ZZhZhoW2Q+TKgskVh8Zi5F:lWfJTLhBv0Kg9hr5F

Targets

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
