General

  • Target

    a964b933f4327a904094676093672f2b_JaffaCakes118

  • Size

    6.4MB

  • Sample

    240614-new7haycmc

  • MD5

    a964b933f4327a904094676093672f2b

  • SHA1

    dbfb4a5645cf8fd3348d7c276f734685c38582dc

  • SHA256

    4a11667afdf142e63017f129c4d59bb0ffd886c869ce2b26f66a41bf7a06fdc0

  • SHA512

    5f028d571cfa2a72f9acd4f2578b57d13131d67c9ca69fa020498c6a45a51895644fc24cb5419ce6172d07282a71a5f231a380d9e71053c9522f4f009be385bc

  • SSDEEP

    98304:lsNMEH5oaxtq6LrsNGfYSaRtRQ6RTyJesgnYwN58mxnfktqD6:lsnH5hu6aR/JTqep8mxfktqm

Malware Config

Targets

    • Target

      a964b933f4327a904094676093672f2b_JaffaCakes118

    • Size

      6.4MB

    • MD5

      a964b933f4327a904094676093672f2b

    • SHA1

      dbfb4a5645cf8fd3348d7c276f734685c38582dc

    • SHA256

      4a11667afdf142e63017f129c4d59bb0ffd886c869ce2b26f66a41bf7a06fdc0

    • SHA512

      5f028d571cfa2a72f9acd4f2578b57d13131d67c9ca69fa020498c6a45a51895644fc24cb5419ce6172d07282a71a5f231a380d9e71053c9522f4f009be385bc

    • SSDEEP

      98304:lsNMEH5oaxtq6LrsNGfYSaRtRQ6RTyJesgnYwN58mxnfktqD6:lsnH5hu6aR/JTqep8mxfktqm

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Checks the presence of a debugger

MITRE ATT&CK Matrix

Tasks