General

  • Target

    a35eed38e14e7b9e093f1f7db64967a9_JaffaCakes118

  • Size

    23.6MB

  • Sample

    240613-bxlr9syhqf

  • MD5

    a35eed38e14e7b9e093f1f7db64967a9

  • SHA1

    a57e4f3d3850b8a94a0f38bae10d54d61a46e5e2

  • SHA256

    9068a3f71b9849e1fc88488c5630bb3237c42c85dc40ccb00cc8204b697df824

  • SHA512

    34ea8669f04353bb6f2e1c790c60d0a3279b82b42b2592be31d09c559f7da1840ddd5472e2fcecce6040c730b0b09cd2d55e8cb68d0d3eedc6e12c1716ace2d1

  • SSDEEP

    393216:Q5joJnCQrxPDGPHOsWvcIxoBAADfed61MUFpGn89DCAc3xU/CiHRf1uHrzzR0vJ/:Q5jarGPFWdoSg2d8MUX8GDCj2+zt0vJ/

Targets

    • Target

      a35eed38e14e7b9e093f1f7db64967a9_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)
