General

  • Target

    a80b506186c0d1907ed63626db476d6d_JaffaCakes118

  • Size

    17.9MB

  • Sample

    240614-fectvsvhmd

  • MD5

    a80b506186c0d1907ed63626db476d6d

  • SHA1

    4daa3d65d7dac34625e9c475126b6eb98fc776a8

  • SHA256

    128bb81916971f2e6b8c66d881a250b582a81bfcea24321ade55f928cdf65fca

  • SHA512

    176785a6e741e4d23f6ccad5c3315ef45e01fe55d6fddb05f9c924085f59f3c966617475b4c3eece3ef653d2ce0572ece9616d482101613d83210e540f2052a8

  • SSDEEP

    393216:B9u9O4X9uGtUNCK54bOZkLx0hb2+MAxGkPD19s7ec8WXgRl:Sc4X9uGtUXzset2+WyLQec8p

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)
