General

  • Target

    a2bfbb5eb173d6b60c31ba754813af81_JaffaCakes118

  • Size

    18.6MB

  • Sample

    240612-2mbsesxcqj

  • MD5

    a2bfbb5eb173d6b60c31ba754813af81

  • SHA1

    096c2b6615fc3adc2b791c6b520c3096d2777ebf

  • SHA256

    404548c475edae8794b929200fb9e55e05b75a63e5ba7688b7d6798d7d38e478

  • SHA512

    90b393ceecac8a7b52dc6e128e4bbda1258025d60baabc4c3107b34ada01ec33feac68243c57bdd428f0965858f71e9a8400adafe7cfc86ebeca313f2c70202b

  • SSDEEP

    393216:623GhjjmNP+1/fTKyBQ5ZflePnmpZ3EWf3hBqxKePT8lZXI0TeVf:f30jjmp+1/fOyeZNePw0Wfrq98c0kf

Targets

    • Target

      a2bfbb5eb173d6b60c31ba754813af81_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      gdtadv2.jar

    • Size

      622KB

    • MD5

      e5becbeb87a0e55c59e14a83b5bbcee8

    • SHA1

      2a14bccdc44430d1c3505e31cf2805ce8cc175df

    • SHA256

      3109d727a1396689eeb81fe5dbdf82966231e1938f37bb405c45a3cbbb7978b6

    • SHA512

      b5610b90c7300dc819f93ede26eaffdeae4a6ad4c85943a4bb9eed1d37b589bee9d9155f405f4257d9ec722b93f045faea987139fc0eff6abfb2e77d96e0126e

    • SSDEEP

      12288:mpSOF524rzRxSbYm5iLuT/w+GMeoZNsAQvoMn+f+BY8CXbem:mAObfrz4suT/e1aWAQAM8d

    Score
    1/10