General

  • Target

    aeb9c32784dd90bfc1f6b6c59e110cc5_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240615-q5mf4asgjd

  • MD5

    aeb9c32784dd90bfc1f6b6c59e110cc5

  • SHA1

    ad669453e9fe4fee97dca2994c1526091edece86

  • SHA256

    5d12400e3cfff65f22d369e4fee364b69fd5de69fc610c8e520690ea757e9fb6

  • SHA512

    89421a32966760953ea4cbb9c5fb92663ff7fcc11e204ab1aeaaff81d1dcbe13a07f424354a37d0326a6e0aff19701c2c5cf58295c15ad6056b54d91cd376699

  • SSDEEP

    49152:ilNbum3ekJrkD7C1gRUw6R3SAnyRy24Uvr8Fu8c82NWR:irn1ex27nyYxnc8c74

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)
