General

  • Target

    b4b55a026b4e3097c6deccaf925921ec_JaffaCakes118

  • Size

    31.9MB

  • Sample

    240616-xpsfqsshrd

  • MD5

    b4b55a026b4e3097c6deccaf925921ec

  • SHA1

    0806432d2d3c15685d6c38d051f6c5b6d5d64e7d

  • SHA256

    72a02f8807ed1312463440278f0b84cb06224517817f992a443d8a65798b6685

  • SHA512

    41c5362463cc7924376603267a71a0bf6be184fe80195831221a2f63145693b6279205130cd96e4e7195866543d2fed0f95c5a51472afa578dbc9419e512b271

  • SSDEEP

    786432:VQGUoXl7gyL7gpo3C/gChsHaGkcpAJ2piTsq4liEr15:VRBV7P7giGgraGfI7sq4YM15

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)
