General

  • Target

    a9d034cb4cc4d0111a97260da12f99fb_JaffaCakes118

  • Size

    2.5MB

  • Sample

    240614-p91c3s1hmc

  • MD5

    a9d034cb4cc4d0111a97260da12f99fb

  • SHA1

    8a69a55b03e8d313887af8e11ef00913914788b5

  • SHA256

    fa498cfe5afae738e736455a910de45933785858125d92fa9530e8a8f6083f33

  • SHA512

    8a67815026a1adeb7cfa506829d5d5652b9f5ae6391aad042da08c3ccbec9299fbd7afab81b4ccd743602d103a5cd22e4bec94797d182e03a58b2e0509172fed

  • SSDEEP

    49152:3gM3Ei2Lnu2S9xphxvrymYb05EWBCkIannhfc3tBGAn2yf23IOYSQMuKpnQr:wM38u2SkmYgKWHnhfc9HSWJB

Malware Config

Targets

    • Target

      a9d034cb4cc4d0111a97260da12f99fb_JaffaCakes118

    • Size

      2.5MB

    • MD5

      a9d034cb4cc4d0111a97260da12f99fb

    • SHA1

      8a69a55b03e8d313887af8e11ef00913914788b5

    • SHA256

      fa498cfe5afae738e736455a910de45933785858125d92fa9530e8a8f6083f33

    • SHA512

      8a67815026a1adeb7cfa506829d5d5652b9f5ae6391aad042da08c3ccbec9299fbd7afab81b4ccd743602d103a5cd22e4bec94797d182e03a58b2e0509172fed

    • SSDEEP

      49152:3gM3Ei2Lnu2S9xphxvrymYb05EWBCkIannhfc3tBGAn2yf23IOYSQMuKpnQr:wM38u2SkmYgKWHnhfc9HSWJB

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Matrix

Tasks