General

  • Target

    ae5c4b14c1aaf50a321f9efd2bce2264_JaffaCakes118

  • Size

    18.5MB

  • Sample

    240615-pb95materl

  • MD5

    ae5c4b14c1aaf50a321f9efd2bce2264

  • SHA1

    89c008d93bfe6204539f3b0c85f5a8615b685556

  • SHA256

    dd3d0ee3d4c82980822e940853b99a90a54870f9effa2d29efe75041b5e0147f

  • SHA512

    42d76c57bb00660b83a3155c1792d91672578ef225a0a228b74b6e42260d12b0b56d0776f7c4005694c1b602a27925b38ec9353c2bfb6060858b3900de076434

  • SSDEEP

    393216:UpC8aprT6Xznof9SuK/+2pWorC1yEYEv3GxRND5NLHD1hFG:UM8ZDnW9y/+hfcY3GxRdDJh4

Targets

    • Target

      ae5c4b14c1aaf50a321f9efd2bce2264_JaffaCakes118

    • Size

      18.5MB

    • MD5

      ae5c4b14c1aaf50a321f9efd2bce2264

    • SHA1

      89c008d93bfe6204539f3b0c85f5a8615b685556

    • SHA256

      dd3d0ee3d4c82980822e940853b99a90a54870f9effa2d29efe75041b5e0147f

    • SHA512

      42d76c57bb00660b83a3155c1792d91672578ef225a0a228b74b6e42260d12b0b56d0776f7c4005694c1b602a27925b38ec9353c2bfb6060858b3900de076434

    • SSDEEP

      393216:UpC8aprT6Xznof9SuK/+2pWorC1yEYEv3GxRND5NLHD1hFG:UM8ZDnW9y/+hfcY3GxRdDJh4

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      com.felink.videopaper.plugin_V_7_M_26d215687eb596347a3b2f8531d638a4.jar

    • Size

      1.9MB

    • MD5

      585d085ff7bb193139f4dde10db0144e

    • SHA1

      7ac11cdcc514c429efcd466248482f992d458f62

    • SHA256

      edd8e282894abb2606b126545efce28bd21f749d005b5b135e6a3f3e7f37a87d

    • SHA512

      7178f98c7d1946e82cacdf33ebbaa4105fe52eca283f83efdd6e868616c50f3d3033802e6ac954b47abd691e40637bb9007a228f0033d8cc8392640ee33c0fcc

    • SSDEEP

      49152:8cmC04J/yfiiEFaWEEdNStF2wZIxTlJ7CHkSJ95eXIN9/IC:8dC0hfivaWbNSzKhJ7st/9QC

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Target

      com.nd.hilauncherdev.plugin.navigation_V_68_M_9486d648f2271f96246b36b11e935e6e.jar

    • Size

      2.0MB

    • MD5

      3f118e5bf26bf25a3708ff5f9976e77e

    • SHA1

      225abdc10b5f4805108cd4b9453785546b339f76

    • SHA256

      d1cd983ac79e60ba711c0d1c25d840b0e7e91d8c257f017bf0a9226a2442c139

    • SHA512

      740d93246494621145ef2d3c0c7379eab0d04409e1091ae8065e3fee6f8f5f572062648c8b33c1896670870209e86968f7d256ccea16c67611ab06faf46d86ba

    • SSDEEP

      49152:IX4slgGRxCVD5hYpB8Rhib2I08WdMKppan7r:IX4sCAEkyib2388M6Kv

    • Score

      1/10

    • Target

      nd.jar

    • Size

      3KB

    • MD5

      330e5a7a65f3d6593b4e3693cb6b581a

    • SHA1

      97ed25af93827667740ddc0f5f20efaa0db79f2f

    • SHA256

      effd679a8cfef061b537814b41f2733a9785d80d1d11f8c61216a78b35c747ca

    • SHA512

      3b2234d683cfbfde304d23150678595076eff41c691269dfc0d1d035b784113879e84d19ec732b257ea2146b4170edda2d8ece79449c2a33d948d0ae4e777328

    • Score

      1/10
