General

  • Target

    afbfeeb120fce3da3c4fd47eb488db8a_JaffaCakes118

  • Size

    774KB

  • Sample

    240615-wxwmpatfrq

  • MD5

    afbfeeb120fce3da3c4fd47eb488db8a

  • SHA1

    aef7e9637daccf4a507ad90bdf8956debbbe64c4

  • SHA256

    becf54b345ee9c4b4ca3e97a27459ffee7710d806320fac9b4fa673dd8e6e715

  • SHA512

    649ccc7975471eee0e3d29036ce6d4dae9af65b669b01a49d6cbc73550c1b1d409d379ef39efa32f2fb9d753654876d6fad61e7cb64180f641f0c4dae207284b

  • SSDEEP

    24576:ZUiVQPateVoW8sHFKXbARlKljbboyCKaCLASr:ZU+UBydvAR0MyFflr

Targets

    • Checks Android system properties for emulator presence.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
