General

  • Target

    a978cedb856003228b8cbe86ea44cb60_JaffaCakes118

  • Size

    19.0MB

  • Sample

    240614-nqyjpsyfrc

  • MD5

    a978cedb856003228b8cbe86ea44cb60

  • SHA1

    372083a0b4633e547f0435fa9578f58a5d96c78d

  • SHA256

    22816c3b17106df0af667bfb28d8d91eff7e7c24799f22b0fd2a3e2b45e8ba1e

  • SHA512

    bbb1051b855a903489ed25729ade1ff430ea5ae94fdbeace376df28c2d70d9217164e77b171c794097a029c6bc6bea73118dc915edd23a2eea94fefe2f0b4cf5

  • SSDEEP

    393216:ijlnqllo3aphCEEjsQ6GbPPW7QUOccnJLdenF3v37bbXIWk1:ijlnq7phCE6sQ6GlUaAfLPXBk1

Targets

    • Target

      a978cedb856003228b8cbe86ea44cb60_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.
