General

  • Target

    b09a1d914c1aab27ffe33b4968236ddb_JaffaCakes118

  • Size

    29.6MB

  • Sample

    240615-26zzcssfjj

  • MD5

    b09a1d914c1aab27ffe33b4968236ddb

  • SHA1

    b718481051aa53b35a662fa1884d5f817e595807

  • SHA256

    2babc194e0dc8aa2ab84f148701d706fd2bbaab5ad613c278f04dfa2f0a34468

  • SHA512

    077535ac960679dd2f0ee6a09278540f49048bba43b9d25781dbf64a0bd686fb50b219ab1de2ddd35e21fb968f1d891671cbbb079966bcec94eef6bb1a5c4732

  • SSDEEP

    786432:CkFTJUIgANZ1VoZ7PZrTFIje5fmeVenWk2NPCh+:CEtU9AV+Z7hrTFd5fxNk2NPCh+

Targets

    • Target

      b09a1d914c1aab27ffe33b4968236ddb_JaffaCakes118

    • Size

      29.6MB

    • MD5

      b09a1d914c1aab27ffe33b4968236ddb

    • SHA1

      b718481051aa53b35a662fa1884d5f817e595807

    • SHA256

      2babc194e0dc8aa2ab84f148701d706fd2bbaab5ad613c278f04dfa2f0a34468

    • SHA512

      077535ac960679dd2f0ee6a09278540f49048bba43b9d25781dbf64a0bd686fb50b219ab1de2ddd35e21fb968f1d891671cbbb079966bcec94eef6bb1a5c4732

    • SSDEEP

      786432:CkFTJUIgANZ1VoZ7PZrTFIje5fmeVenWk2NPCh+:CEtU9AV+Z7hrTFd5fxNk2NPCh+

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android telephony APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Requests dangerous framework permissions

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      Letv_Ads.apk

    • Size

      144KB

    • MD5

      088e32ab9afe0b0952927d20903cb6a5

    • SHA1

      dc1ff5b9e4782ea39867a5c5e43769c4291596ce

    • SHA256

      412f73e1dd3a506f475ecba46aaae75ebb174a4427b297c0f768bf6e569b9b39

    • SHA512

      1754c9984bd263579d41b10911f68aff45704cc4073f90717836cff12a0473dd55963be1cef5cc0760b93b1e825cf7189ff272c9a303f877c12277fe3e19db47

    • SSDEEP

      3072:u2RrirO5YbqEBATAZW9zyMTdj7TBM/7j7ZW0:u2RrGO5YbqEBGAuyMTdj7l2Tl

    Score
    1/10
    • Target

      cmf.plugin

    • Size

      12.5MB

    • MD5

      f1c7df03ea6c1dc3dbe15cfd708a1998

    • SHA1

      e3d395f7ac3df11e15ca0b06ea03bceea327bc65

    • SHA256

      0be168c021da180738724a05af0bd0bc979337f1ba053c6e18505187792f076d

    • SHA512

      997d3814f4ebfee745168f53a9ab04e07f62467af4cda9aa35adfc0e8917fe646e01b37711bb3ec3a21d432c47159a10cbce03776f15fcaaf31013e66dc29976

    • SSDEEP

      393216:afnek7FIa40vZORxqSqrAkze24PAMKPxxQZ:Xk7FpMxDqrB8vixI

    Score
    1/10
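
The behaviour list above is what the sandbox reported for the parent APK; the two embedded targets (Letv_Ads.apk and cmf.plugin) scored 1/10 with no signatures. A practitioner reproducing that triage offline can map the same signature names onto static indicators found in the APK's code and manifest. The Python script below is an added example written for this page, not part of the report or of the sandbox's tooling; the indicator regexes, the dangerous-permission subset, and both sample inputs are the editor's own assumptions (the code dump is constructed smali-style text, not strings extracted from the analysed sample).

```python
"""Map static indicators in an APK code dump onto the behavioural signature
names used in the sandbox report.  Added example: the regexes and the
permission list are the editor's assumptions about what each signature
looks for, not the sandbox's own rules.  Input is text such as
`strings classes.dex` output or concatenated smali."""
import re

# signature name (worded as in the report) -> indicator regexes (assumed)
SIGNATURES = {
    "Checks if the Android device is rooted": [
        r"/system/(?:x?bin|app)/[Ss]u\b", r"Superuser\.apk", r"test-keys"],
    "Checks Android system properties for emulator presence": [
        r"ro\.kernel\.qemu", r"ro\.hardware", r"\bgoldfish\b", r"\branchu\b",
        r"android[./]os[./]SystemProperties"],
    "Loads dropped Dex/Jar": [
        r"dalvik/system/(?:DexClassLoader|PathClassLoader|InMemoryDexClassLoader)"],
    "Obtains sensitive information copied to the device clipboard": [
        r"ClipboardManager;->getPrimaryClip\b", r"android/content/ClipboardManager"],
    "Queries information about running processes on the device": [
        r"getRunningAppProcesses\b", r"getRunningTasks\b"],
    "Requests cell location": [r"getCellLocation\b", r"getAllCellInfo\b"],
    "Queries information about active data network": [
        r"getActiveNetworkInfo\b", r"getActiveNetwork\b"],
    "Queries information about the current Wi-Fi connection": [
        r"WifiManager;->getConnectionInfo\b", r"WifiInfo;->get(?:BSSID|SSID|MacAddress)\b"],
    # The MCC is the first three digits of the operator code, so the same
    # call feeds both the MCC and the network-operator signature.
    "Queries the mobile country code (MCC)": [
        r"get(?:Network|Sim)Operator\b", r"Configuration;->mcc:I"],
    "Queries the unique device ID (IMEI, MEID, IMSI)": [
        r"TelephonyManager;->get(?:DeviceId|Imei|Meid|SubscriberId)\b"],
    "Reads information about phone network operator": [
        r"get(?:Network|Sim)Operator(?:Name)?\b"],
    "Listens for changes in the sensor environment": [
        r"SensorManager;->registerListener\b", r"onSensorChanged\b"],
}

# Subset of permissions Android declares with protectionLevel=dangerous
# (assumed, not exhaustive).
DANGEROUS = {
    "READ_PHONE_STATE", "ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION",
    "READ_SMS", "SEND_SMS", "RECEIVE_SMS", "READ_CONTACTS", "WRITE_CONTACTS",
    "READ_CALL_LOG", "WRITE_CALL_LOG", "CALL_PHONE", "CAMERA", "RECORD_AUDIO",
    "READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE", "GET_ACCOUNTS",
}
PERM_RE = re.compile(r"android\.permission\.([A-Z_]+)")


def scan(dump):
    """Return {signature: sorted unique matched strings} for each signature hit."""
    hits = {}
    for name, patterns in SIGNATURES.items():
        matched = sorted({m.group(0) for p in patterns for m in re.finditer(p, dump)})
        if matched:
            hits[name] = matched
    return hits


def dangerous_permissions(manifest_xml):
    """Return the requested permissions that fall in the dangerous set."""
    return sorted(p for p in set(PERM_RE.findall(manifest_xml)) if p in DANGEROUS)


def triage(dump, manifest_xml):
    """Combine code and manifest findings into one signature -> evidence map."""
    report = scan(dump)
    perms = dangerous_permissions(manifest_xml)
    if perms:
        report["Requests dangerous framework permissions"] = perms
    return report


# Constructed sample inputs (smali-style method references and a manifest
# fragment); they are not taken from the analysed APK.
SAMPLE_DUMP = """\
Landroid/content/ClipboardManager;->getPrimaryClip()Landroid/content/ClipData;
Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getCellLocation()Landroid/telephony/CellLocation;
Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo;
Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;
Landroid/app/ActivityManager;->getRunningAppProcesses()Ljava/util/List;
Ldalvik/system/DexClassLoader;-><init>(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/ClassLoader;)V
Landroid/hardware/SensorManager;->registerListener(Landroid/hardware/SensorEventListener;Landroid/hardware/Sensor;I)Z
/system/xbin/su
ro.kernel.qemu
Lcom/example/Util;->formatDate(Ljava/lang/String;)Ljava/lang/String;
"""
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
</manifest>
"""

if __name__ == "__main__":
    for signature, evidence in triage(SAMPLE_DUMP, SAMPLE_MANIFEST).items():
        print(f"{signature}: {', '.join(evidence)}")
```

String matching of this kind only shows that the APIs are referenced, not that they are reached at runtime; the sandbox signatures above were produced by executing the sample, so treat the static hits as a lead for dynamic confirmation rather than as the verdict itself.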
