General

  • Target

    b449d54eaa0ed3078213e3e863938c88_JaffaCakes118

  • Size

    31.8MB

  • Sample

    240616-s511layfph

  • MD5

    b449d54eaa0ed3078213e3e863938c88

  • SHA1

    a491b3cd8c90fda7cbfa3a6d97ae42588f1ea685

  • SHA256

    8577e999f484aea502dc150e6b97d0e8e383bf8a3c2d35a89b27b46a39fea4fe

  • SHA512

    e97c6e423a20bc90256eb26cd1eb4a8b9a3f143cf6e15466c5e09c7148d5f02c6a37626dfcd5edc3826baec68cb3a8b29e8b51c0f3e6f5ac13e4a59069043b48

  • SSDEEP

    786432:7GUoXl7lagm//1j8PPPo5BPC/ghJspZHHTavhrGvtgpi:aBV7llm//GPHUBOg3spNTWWtgs

Malware Config

Targets

    • Target

      b449d54eaa0ed3078213e3e863938c88_JaffaCakes118

    • Size

      31.8MB

    • MD5

      b449d54eaa0ed3078213e3e863938c88

    • SHA1

      a491b3cd8c90fda7cbfa3a6d97ae42588f1ea685

    • SHA256

      8577e999f484aea502dc150e6b97d0e8e383bf8a3c2d35a89b27b46a39fea4fe

    • SHA512

      e97c6e423a20bc90256eb26cd1eb4a8b9a3f143cf6e15466c5e09c7148d5f02c6a37626dfcd5edc3826baec68cb3a8b29e8b51c0f3e6f5ac13e4a59069043b48

    • SSDEEP

      786432:7GUoXl7lagm//1j8PPPo5BPC/ghJspZHHTavhrGvtgpi:aBV7llm//GPHUBOg3spNTWWtgs

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

MITRE ATT&CK Mobile v15

Tasks