General

  • Target

    b59bc915e3623e94b99c6223a9cc93ac_JaffaCakes118

  • Size

    9.3MB

  • Sample

    240616-2vmvnasbqc

  • MD5

    b59bc915e3623e94b99c6223a9cc93ac

  • SHA1

    d4034e9916460b39367ce9acc24e8d753a1483e8

  • SHA256

    34a49c3275177b982b842f8c1d0041c2a377ee2758f54b97408fc309543c7aa9

  • SHA512

    42e62213a976ed19cbc2941be021d055e1dceb6f484e9e66c9966abea501c06d1583c232d7565d32627ddd8ae5bc13e3b147c3243ce3e26ed8dba6913e12d9c3

  • SSDEEP

    196608:1Fuv0PT2SVYB6dTEb7zJ0yl9W9D/6W/QIiM2w4bEMn0Mk/7N05:+0C14TE7+oI9Dya5ikGEM0x7NY

Malware Config

Targets

    • Target

      b59bc915e3623e94b99c6223a9cc93ac_JaffaCakes118

    • Size

      9.3MB

    • MD5

      b59bc915e3623e94b99c6223a9cc93ac

    • SHA1

      d4034e9916460b39367ce9acc24e8d753a1483e8

    • SHA256

      34a49c3275177b982b842f8c1d0041c2a377ee2758f54b97408fc309543c7aa9

    • SHA512

      42e62213a976ed19cbc2941be021d055e1dceb6f484e9e66c9966abea501c06d1583c232d7565d32627ddd8ae5bc13e3b147c3243ce3e26ed8dba6913e12d9c3

    • SSDEEP

      196608:1Fuv0PT2SVYB6dTEb7zJ0yl9W9D/6W/QIiM2w4bEMn0Mk/7N05:+0C14TE7+oI9Dya5ikGEM0x7NY

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks