General

  • Target

    bb08ece436d67b417679cdc37cf5020b_JaffaCakes118

  • Size

    25.7MB

  • Sample

    240618-gr7ensvcmm

  • MD5

    bb08ece436d67b417679cdc37cf5020b

  • SHA1

    4dda43a99a1600b99750c091810029ccc78e8601

  • SHA256

    2c2222bdbce1af7b89b497b6fe5f4edbc3859a82fb5140dd6c75ef6f7229fa1e

  • SHA512

    f5c084ae77f083abba5e4cad40eb7e653c00123eb77322635b80e45e764dd1f17aebe77596d10fd39bd81b9b95e50fe89555b3052b5046cdd697cb4a6b16ea86

  • SSDEEP

    786432:G7QgxIm8TpY72AD8YZX4uEHTYsl3GV6ecx9Lp:GKXpY72sZX4LHEstGV+Lp

Targets

    • Target

      bb08ece436d67b417679cdc37cf5020b_JaffaCakes118

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      360sdk_1_2008.zip

    • Size

      5.3MB

    • MD5

      72f323789a8cbb4f97f3e4aaa52c7497

    • SHA1

      db520020f0c2fe199b57dfb331e228ebdf72447b

    • SHA256

      b247b653d011457fc35c361b49603a91cbc00af2c2205820b0561a9993ed1c15

    • SHA512

      182ba0b914a25ff2871d828e3b845a4042338887dc6100bc2c7499a00355addf7bb127ef42ae94d501cccb8dcd981b469444d59132dbefc693028313c57ced39

    • SSDEEP

      98304:0UHm3svJnq2X12fyVyC1/BVpORp7ULHY5r9+6Q2pjKmTbjZ71qts+BEm9oAxkEiB:Rm3svJnh2fW1o/z5ZhQ2pxJMhBEso0tY

    Score
    1/10
