General

  • Target

    b739443242b92a9c95a8551190a71d87_JaffaCakes118

  • Size

    17.6MB

  • Sample

    240617-hcgq5ssfjl

  • MD5

    b739443242b92a9c95a8551190a71d87

  • SHA1

    1629fd06bc2cc889a9bd20b4e0852120015890b9

  • SHA256

    c3bfb7b51ca4e4202affc6c6805280ad0c03236755d577b806aa7704f631e37e

  • SHA512

    dac19d028ed60f2f51dc61a40765e1affe41a6120571af868f9d027eb475e3aed20244c085485c60cac0568e5e5df80c9b51cf3f96278fab6e5ff205bff42f9d

  • SSDEEP

    393216:HnN0SXCnuqyXVhIA2OTGoqUvq5P7E1FvoiCf:JXiuqyneOTHq62P7ERjQ

Malware Config

Targets

    • Target

      b739443242b92a9c95a8551190a71d87_JaffaCakes118

    • Size

      17.6MB

    • MD5

      b739443242b92a9c95a8551190a71d87

    • SHA1

      1629fd06bc2cc889a9bd20b4e0852120015890b9

    • SHA256

      c3bfb7b51ca4e4202affc6c6805280ad0c03236755d577b806aa7704f631e37e

    • SHA512

      dac19d028ed60f2f51dc61a40765e1affe41a6120571af868f9d027eb475e3aed20244c085485c60cac0568e5e5df80c9b51cf3f96278fab6e5ff205bff42f9d

    • SSDEEP

      393216:HnN0SXCnuqyXVhIA2OTGoqUvq5P7E1FvoiCf:JXiuqyneOTHq62P7ERjQ

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the mobile country code (MCC)

MITRE ATT&CK Mobile v15

Tasks