General

  • Target

    bb0f71e73ef3920d6884d77c1e795b50_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240618-gxhcqs1apg

  • MD5

    bb0f71e73ef3920d6884d77c1e795b50

  • SHA1

    225772c2e299868aec12a8a1815aca32705f5058

  • SHA256

    49e2a94a4ee06a02185d28bbc3b6d93613887604c6193fcdc82022bacaafd347

  • SHA512

    acc3f49dd54e4567a815d6481bc24761603137a3841a2e72b87112bb25de2ce3fdd2e6cafa02187899c45bae87130ef54a40a935c61ef510168b122b76761d74

  • SSDEEP

    24576:f0DR/V+CDjantX4JiiBLg8sYwhoxta0kOwsvIe8m8r6rRXMWp4poK1xw:ohDGnO8BzYwh4uGNoYRXt6bw

Malware Config

Targets

    • Target

      bb0f71e73ef3920d6884d77c1e795b50_JaffaCakes118

    • Size

      1.6MB

    • MD5

      bb0f71e73ef3920d6884d77c1e795b50

    • SHA1

      225772c2e299868aec12a8a1815aca32705f5058

    • SHA256

      49e2a94a4ee06a02185d28bbc3b6d93613887604c6193fcdc82022bacaafd347

    • SHA512

      acc3f49dd54e4567a815d6481bc24761603137a3841a2e72b87112bb25de2ce3fdd2e6cafa02187899c45bae87130ef54a40a935c61ef510168b122b76761d74

    • SSDEEP

      24576:f0DR/V+CDjantX4JiiBLg8sYwhoxta0kOwsvIe8m8r6rRXMWp4poK1xw:ohDGnO8BzYwh4uGNoYRXt6bw

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Reads the content of SMS inbox messages.

    • Reads the content of the SMS messages.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Requests dangerous framework permissions

MITRE ATT&CK Mobile v15

Tasks