General
-
Target
aaa88468c8f62f809de813505bf9e991_JaffaCakes118
-
Size
11.7MB
-
Sample
240614-tvdb8a1hrq
-
MD5
aaa88468c8f62f809de813505bf9e991
-
SHA1
6ac7259016a888b81a0a6eaebead52896af6d120
-
SHA256
74f3958c32e79e066877cedcb7120e574e9d55a44723decae6dcb9d801c744da
-
SHA512
cb699dc1433b3cc27a7da177bd132a6f54364eb03c96060f58f2a8ed3268453dfd30d9b18b4a81f003b690ddf029834822842e49bb8623caefc41fafb67ede23
-
SSDEEP
196608:eiu8o0Jg/XUEoCLroCBSZL7p+ShkG0EAKxDTOB6xNe9XuCfWMqZWNMGhkG7GZ4yd:eWpJg/XUEoTP19kG0XKxDTbNe9XuCfWN
Malware Config
Targets
-
-
Target
aaa88468c8f62f809de813505bf9e991_JaffaCakes118
-
Size
11.7MB
-
MD5
aaa88468c8f62f809de813505bf9e991
-
SHA1
6ac7259016a888b81a0a6eaebead52896af6d120
-
SHA256
74f3958c32e79e066877cedcb7120e574e9d55a44723decae6dcb9d801c744da
-
SHA512
cb699dc1433b3cc27a7da177bd132a6f54364eb03c96060f58f2a8ed3268453dfd30d9b18b4a81f003b690ddf029834822842e49bb8623caefc41fafb67ede23
-
SSDEEP
196608:eiu8o0Jg/XUEoCLroCBSZL7p+ShkG0EAKxDTOB6xNe9XuCfWMqZWNMGhkG7GZ4yd:eWpJg/XUEoTP19kG0XKxDTbNe9XuCfWN
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Reads the content of the SMS messages.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2