General

  • Target

    b4b37419bf59c7067cd6ae0f2298688c_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240616-xnv58sxaqm

  • MD5

    b4b37419bf59c7067cd6ae0f2298688c

  • SHA1

    472655ec0802adbf2d88564d248b3a78fce9302a

  • SHA256

    f6ff28476db3fd7b51cefe1f42ebaa56adc794f97251a7ebfd99c50ce9ef5eec

  • SHA512

    8923a4e2244a369eac12c8f6e74b259d1791abfee6277dc03456be9cb0c620b447102d6fe3cb99d8b9ce974ead8fa526e8754d1e11a9cc643534807c29b2ded4

  • SSDEEP

    98304:uNiihNZB/CRd+Zv4hnG2QQymvGJeiTwRDfiAeKHsa80W:UtZB/Cb+ZmnG2QQdKXwgL

Targets

    • Target

      b4b37419bf59c7067cd6ae0f2298688c_JaffaCakes118

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Target

      sdk.jar

    • Size

      127KB

    • MD5

      4e7bdc12dba237c8a237687d2c1baf34

    • SHA1

      7bdb206603276da76ae32f13f4baae8666680081

    • SHA256

      8fb02d79d0120da325059cde2c13c753f4ad219a2b16d865ce3e227410d2b595

    • SHA512

      d8d8b04f5292ab2eb4b33e71d89a2fc862c819b02f884ee7f3c04e42b65e1f1da5f0dc06451b8b3ef4d00056b945862811e48e5b2241f1bcc1821a556bce593a

    • SSDEEP

      3072:4N8riHb3oc5mcJzNemXxni7I9cvvGuaHeIp7cQGg87i:4WrKb3oc5llpXxni7I2i+IBjGgui

    Score
    1/10
