General

  • Target

    ac8ac4809517e663c66018b5dbc6fa19_JaffaCakes118

  • Size

    9.5MB

  • Sample

    240615-ckgs8awarf

  • MD5

    ac8ac4809517e663c66018b5dbc6fa19

  • SHA1

    8085ded8fc917e797172fcc45315e33995ecf923

  • SHA256

    04ff9322067ce3d45c8e6bbf855a418958b4efac3f5251c40782b89cd43e3c69

  • SHA512

    7a456e0beed24e383b1f913de6cc5934bb6c036852644d024ecd6751e4ae872fd610aed2fbb3d6f8de5c0667f04c201bc8fd9d1f6b85833b8053ad22a9c5ca7c

  • SSDEEP

    196608:6+mD5nR0HVL+pJeLazsh4knnCVnRq1ZjBs7rMY7iT9:xmLCV6Bwh4aCS1Z657iT9

Malware Config

Targets

    • Target

      ac8ac4809517e663c66018b5dbc6fa19_JaffaCakes118

    • Size

      9.5MB

    • MD5

      ac8ac4809517e663c66018b5dbc6fa19

    • SHA1

      8085ded8fc917e797172fcc45315e33995ecf923

    • SHA256

      04ff9322067ce3d45c8e6bbf855a418958b4efac3f5251c40782b89cd43e3c69

    • SHA512

      7a456e0beed24e383b1f913de6cc5934bb6c036852644d024ecd6751e4ae872fd610aed2fbb3d6f8de5c0667f04c201bc8fd9d1f6b85833b8053ad22a9c5ca7c

    • SSDEEP

      196608:6+mD5nR0HVL+pJeLazsh4knnCVnRq1ZjBs7rMY7iT9:xmLCV6Bwh4aCS1Z657iT9

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks