General

  • Target

    ba2e81e0722c0394dafc1553ceec5d34_JaffaCakes118

  • Size

    14.3MB

  • Sample

    240617-3x2bhazaka

  • MD5

    ba2e81e0722c0394dafc1553ceec5d34

  • SHA1

    2b8d8eecdf148d167ba11e74cee8f7c36adf33f9

  • SHA256

    95be7d9f3f5b37c616319b749ab43a84b894912f725ed3cb06f55f87ef13f63a

  • SHA512

    d17218ea67618ed30a0348f58ef6590c89efe2a6397bc20ba7dc63e0a2f122852df0e90bb88e3c1f567249ac74b31800d01e84fee91709a7721551b6de87df84

  • SSDEEP

    393216:5eUXxw0+ZQfMLoVurEYWsqRwbmSB59adU0I+c:5eYjMQfMc+usqMbCV9c

Malware Config

Targets

    • Target

      ba2e81e0722c0394dafc1553ceec5d34_JaffaCakes118

    • Size

      14.3MB

    • MD5

      ba2e81e0722c0394dafc1553ceec5d34

    • SHA1

      2b8d8eecdf148d167ba11e74cee8f7c36adf33f9

    • SHA256

      95be7d9f3f5b37c616319b749ab43a84b894912f725ed3cb06f55f87ef13f63a

    • SHA512

      d17218ea67618ed30a0348f58ef6590c89efe2a6397bc20ba7dc63e0a2f122852df0e90bb88e3c1f567249ac74b31800d01e84fee91709a7721551b6de87df84

    • SSDEEP

      393216:5eUXxw0+ZQfMLoVurEYWsqRwbmSB59adU0I+c:5eYjMQfMc+usqMbCV9c

    • Checks if the Android device is rooted.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks