General

  • Target

    ad8d6972f2c5aeda50f36c3f65e657cd_JaffaCakes118

  • Size

    24.6MB

  • Sample

    240615-kffdlatgla

  • MD5

    ad8d6972f2c5aeda50f36c3f65e657cd

  • SHA1

    10e5474c1da20c97291304722662179c7eaebf72

  • SHA256

    34e9583396f1e5c125df5c7aa9c46527e3538fadf5c649823b4f199d3a5f0bff

  • SHA512

    3789fdaaa973910f62da22e49d3da07710e8c4ea00b20ef66dabbbf3b56a8ef98ea2aa80702f3d8c226f7645c662972406739dcfcf7dd026ac58df966881b712

  • SSDEEP

    786432:/zAyPLEdQmXpWawSVYR753L82nzS7Pw5Drbrf0PK:/EyPL8Qm5zwSVY5182nz9prbrsPK

Targets

    • Target

      ad8d6972f2c5aeda50f36c3f65e657cd_JaffaCakes118

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Listens for changes in the sensor environment (might be used to detect emulation)
