General

  • Target

    ba5976c52c9a0d06343c2f5237b2cf21_JaffaCakes118

  • Size

    28.6MB

  • Sample

    240618-hxszxascrh

  • MD5

    ba5976c52c9a0d06343c2f5237b2cf21

  • SHA1

    1fae29b3a0adcf05a6f1847c21479643c972b182

  • SHA256

    054c7119f8ead58079b47c955f3713944db0b9dc157c02bb47abe749d5c305f8

  • SHA512

    03847097e70e110727cbc08f0031cecaab3cc2a98f7f998d0c009c80a5c96629f4a93df16902e44620a9eca4cf283a61f474bbac17a5e113b94a1cca14e09018

  • SSDEEP

    786432:0AYW3wX2/W9TzFTD9zRUBste0Hj1NEjUVJKu5X1IzTvC+jMhUs:LYW3wX2+9TzF/9zRUBM1NEAvKA0zMh1

Malware Config

Targets

    • Target

      ba5976c52c9a0d06343c2f5237b2cf21_JaffaCakes118

    • Size

      28.6MB

    • MD5

      ba5976c52c9a0d06343c2f5237b2cf21

    • SHA1

      1fae29b3a0adcf05a6f1847c21479643c972b182

    • SHA256

      054c7119f8ead58079b47c955f3713944db0b9dc157c02bb47abe749d5c305f8

    • SHA512

      03847097e70e110727cbc08f0031cecaab3cc2a98f7f998d0c009c80a5c96629f4a93df16902e44620a9eca4cf283a61f474bbac17a5e113b94a1cca14e09018

    • SSDEEP

      786432:0AYW3wX2/W9TzFTD9zRUBste0Hj1NEjUVJKu5X1IzTvC+jMhUs:LYW3wX2+9TzF/9zRUBM1NEAvKA0zMh1

    • Checks if the Android device is rooted.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks