General

  • Target

    a0fbe3fe3b7de2738acd195d88cc06e7_JaffaCakes118

  • Size

    12.3MB

  • Sample

    240612-rqmzrasalr

  • MD5

    a0fbe3fe3b7de2738acd195d88cc06e7

  • SHA1

    71b269874f221bff6c9357cb24d8bc1ac4a1970b

  • SHA256

    2355a4a6b5f219afcc2e2d0ae24b1c71d1281261280a28f1a48da41d32d29505

  • SHA512

    ba96df7216c62594ac25b02410e2acdb0b26092ac5516c2856ecd0bc742a2a9aff7ab569118230a831073102b91859bf06e9596bc73178d455a08996b1f2f92c

  • SSDEEP

    393216:4IPQSOUSuQzZJFpWcNB46NRdYmHRceiLD:4IYSOUSJzZJf/RZHMD

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)
