General

  • Target

    bc37155b3e7e9a3d43042d2fb4957f5b_JaffaCakes118

  • Size

    31.2MB

  • Sample

    240618-qwslrazekn

  • MD5

    bc37155b3e7e9a3d43042d2fb4957f5b

  • SHA1

    100605627037c460d73cf7598c2949d99fe9e9e9

  • SHA256

    81e8627cd0514513e9b9b944ae33a8e4c20c89903f738c35bf12c50752db39c4

  • SHA512

    6a26519cfeb1f5b6f471448aa5b54bcaa63a31ecb265b0fdac0ea98be3081810ef4fda21bf9578246b7133d652038c8adc50d2a7a7df67b9cb103aa90b99f420

  • SSDEEP

    786432:iCzm7pfiwe4jGVOFrhQtoAudKc5tpU6DhfAyWfwGmhfAyWe:Z/4jGVOFr3AwKc5E6DlMmlp

Malware Config

Targets

    • Target

      bc37155b3e7e9a3d43042d2fb4957f5b_JaffaCakes118

    • Size

      31.2MB

    • MD5

      bc37155b3e7e9a3d43042d2fb4957f5b

    • SHA1

      100605627037c460d73cf7598c2949d99fe9e9e9

    • SHA256

      81e8627cd0514513e9b9b944ae33a8e4c20c89903f738c35bf12c50752db39c4

    • SHA512

      6a26519cfeb1f5b6f471448aa5b54bcaa63a31ecb265b0fdac0ea98be3081810ef4fda21bf9578246b7133d652038c8adc50d2a7a7df67b9cb103aa90b99f420

    • SSDEEP

      786432:iCzm7pfiwe4jGVOFrhQtoAudKc5tpU6DhfAyWfwGmhfAyWe:Z/4jGVOFr3AwKc5E6DlMmlp

    • Checks if the Android device is rooted.

    • Checks Android system properties for emulator presence.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Target

      com.anzogame.yys.plug.pkg

    • Size

      9.7MB

    • MD5

      1f7a6288cbfe7a3a8f6b2f7f280e81ce

    • SHA1

      193eee975ebbe3f606ce922170378846b25f3b45

    • SHA256

      1e205d246ae3df4a9f784195381db6ea9e41ce6a2ce5075d60feffa2a1d7afd9

    • SHA512

      f38f39858630eb8562b38d090a798826cddccd5e21f74a518582f54d28bdc168511baa976f24fd28e1998ee10a6047893c53267a458ba187d5182fbcb5ad2129

    • SSDEEP

      196608:x+IA2rVEtBiy8/ZTdabRB6IqTFmfjSIdutWdQssyawYwe4J6tX9aXiA1:IIA2q6x0bvpfSsyFwem6na91

    • Score

      1/10

    • Target

      com.anzogame.yys.plug.pkg

    • Size

      4.9MB

    • MD5

      23a3b474cc7c3d28dae10ec5e0d390c5

    • SHA1

      0ccf3b85d448870bae27352d23b30c29033506d3

    • SHA256

      dd2ccf65b2789ebc97451be1d18a087028030b05aa443743f9410e9267a89536

    • SHA512

      e4679d27d3391ecd99aad246960201202705e2df622275637d0e34cd4aca33412ec4ec4036d43a1d6af77587cd8767cf1d316fbbec12d82deee5d4c48c13dbf8

    • SSDEEP

      98304:g+ExGn8jqKSIN7BSlDpIzBLA3NS0KgGqxAWMY/oakbD:g+EsnrON7EDpI634079xJ/ga2

    • Score

      1/10

    • Target

      imread.src

    • Size

      1.3MB

    • MD5

      df2ae6129a8f0eedddcf8d8157d45c25

    • SHA1

      3a36f636f2324d98a90aaa2bc78dd769026dc4b1

    • SHA256

      0a7fdec3cada01027ddb25e33832374d94a8a1bdf3b634901640d1d12c995348

    • SHA512

      199110ce7650b86688fcc32504224780a4709d01ad37d307e3939d9f7bb48d74fcf47d92e4deec41e595ecf76d7ae22cd48de33d16dfbcd0b29b54c2877f3134

    • SSDEEP

      24576:NfryxzHpeNa9qLimWewmThX2ijMmA+0ZzaJjOSIkZWgBmF4/A:xCen7Bw02NmAHZzaJjOSIkcgEOA

    • Score

      1/10

MITRE ATT&CK Mobile v15

Tasks