General

  • Target

    ba7944d096ba95ce06d5222467cdab0a_JaffaCakes118

  • Size

    16.7MB

  • Sample

    240618-jdk1maxdkl

  • MD5

    ba7944d096ba95ce06d5222467cdab0a

  • SHA1

    4eae087ccd56b8c64edefd59a8735ca47c2f8ed2

  • SHA256

    47090cbfe77e5ecd87eb06e274d9ef2218c50b03cba699e05bd447cbf9c21274

  • SHA512

    c6041a9c807b5f4674fc666618996dfd4bbf36d10c97e10b9e33eb3f605b3b6933a79e3c4fa7ca7199cc6b8a63c63ea81441dc9a6082644063a4123114ba7afe

  • SSDEEP

    393216:AzIk4WE1GTJAOeQDGTJAOnfTwbOGvB7anIjE6FmG/U7O2DtYG6D:AOWlATvAm0BvEnamGJAm

Malware Config

Targets

    • Target

      ba7944d096ba95ce06d5222467cdab0a_JaffaCakes118

    • Size

      16.7MB

    • MD5

      ba7944d096ba95ce06d5222467cdab0a

    • SHA1

      4eae087ccd56b8c64edefd59a8735ca47c2f8ed2

    • SHA256

      47090cbfe77e5ecd87eb06e274d9ef2218c50b03cba699e05bd447cbf9c21274

    • SHA512

      c6041a9c807b5f4674fc666618996dfd4bbf36d10c97e10b9e33eb3f605b3b6933a79e3c4fa7ca7199cc6b8a63c63ea81441dc9a6082644063a4123114ba7afe

    • SSDEEP

      393216:AzIk4WE1GTJAOeQDGTJAOnfTwbOGvB7anIjE6FmG/U7O2DtYG6D:AOWlATvAm0BvEnamGJAm

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks