General

  • Target

    aaa88468c8f62f809de813505bf9e991_JaffaCakes118

  • Size

    11.7MB

  • Sample

    240614-tvdb8a1hrq

  • MD5

    aaa88468c8f62f809de813505bf9e991

  • SHA1

    6ac7259016a888b81a0a6eaebead52896af6d120

  • SHA256

    74f3958c32e79e066877cedcb7120e574e9d55a44723decae6dcb9d801c744da

  • SHA512

    cb699dc1433b3cc27a7da177bd132a6f54364eb03c96060f58f2a8ed3268453dfd30d9b18b4a81f003b690ddf029834822842e49bb8623caefc41fafb67ede23

  • SSDEEP

    196608:eiu8o0Jg/XUEoCLroCBSZL7p+ShkG0EAKxDTOB6xNe9XuCfWMqZWNMGhkG7GZ4yd:eWpJg/XUEoTP19kG0XKxDTbNe9XuCfWN

Targets

    • Target

      aaa88468c8f62f809de813505bf9e991_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Reads the content of the SMS messages.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)
