General

  • Target

    a8a1da9817811d7048acfc5633d7f93b_JaffaCakes118

  • Size

    24.5MB

  • Sample

    240614-jvb42s1end

  • MD5

    a8a1da9817811d7048acfc5633d7f93b

  • SHA1

    572e77842cf4eb5358979f7074278ac179c9f8c7

  • SHA256

    11155ba150b01b5b24c0d6fca3fc91ee1eb5786011fb75cbae7ad2ff820f67b0

  • SHA512

    b8f4a242d5561f95be913b20ff6b25c8e0e6f16e061d9e0dcfb7809284dad34fa7370232b17f3bf6a9358929012c797690bdfc27bc575350eb0aca7694c7568d

  • SSDEEP

    393216:d7OaOCHpT2c06n5WRJhUpTcIfY8/ytv4Os1rgnp7h+FJhlsxbjCTASe+oqNhpa0H:s9CdYLRTUpZA8/OSUN8PGxRF+owa6

Malware Config

Targets

    • Target

      a8a1da9817811d7048acfc5633d7f93b_JaffaCakes118

    • Size

      24.5MB

    • MD5

      a8a1da9817811d7048acfc5633d7f93b

    • SHA1

      572e77842cf4eb5358979f7074278ac179c9f8c7

    • SHA256

      11155ba150b01b5b24c0d6fca3fc91ee1eb5786011fb75cbae7ad2ff820f67b0

    • SHA512

      b8f4a242d5561f95be913b20ff6b25c8e0e6f16e061d9e0dcfb7809284dad34fa7370232b17f3bf6a9358929012c797690bdfc27bc575350eb0aca7694c7568d

    • SSDEEP

      393216:d7OaOCHpT2c06n5WRJhUpTcIfY8/ytv4Os1rgnp7h+FJhlsxbjCTASe+oqNhpa0H:s9CdYLRTUpZA8/OSUN8PGxRF+owa6

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Target

      amap_resource1_0_0.png

    • Size

      24KB

    • MD5

      94a2a5f84a3fd6f0fd9134708ae1b81e

    • SHA1

      1e21afaa48ed86cb31aaf7b17c3514315364cc99

    • SHA256

      fc0c21884d4edfa4d93282139a309f204b27271a111a5b158edbc048f730b461

    • SHA512

      24a175d15cb5cf8d23f0d53b004ed5c9a47646129c816fcae1b46aedabd95bb2c6dd2958d39d6f98f36dec3cd55d6af2d9b8f7013ced4b37a30db566e9a44923

    • SSDEEP

      384:SevEWnTSCwukBdJ4dVCHyP7MPi3oqYXgnJk:3vEWnSue4+Sf3opQa

    Score
    1/10

MITRE ATT&CK Matrix

Tasks