Overview

overview

10

Static

static

10

28f6a34862...18.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28f6a34862de3a0b0008d5a0644ce5a5_JaffaCakes118

  • Size

    1.5MB

  • Sample

    241009-cmh43axbre

  • MD5

    28f6a34862de3a0b0008d5a0644ce5a5

  • SHA1

    4391959e9e1fde7741647662083cf7613388d8ac

  • SHA256

    bd883483174215287fa4cd3ad0cd52065400bd88641f3c88b44d08cf37e08dc0

  • SHA512

    86803fd341cfbb97ed7c51c56319818112d6123f2ca57f96420dd81950a85778469e7edebfc2a2d278a9fb57e0faf20cf9ed62db633bfbee7867048fce3c1c34

  • SSDEEP

    49152:3IgJPz+Qrk9V1X+oP/lMrxh8tdwS8igmBLm:Rz+QrQ1XjlMrxh8tz8iBBq

Score
10/10
badmirrorandroiddiscoveryinfostealerpersistencerattrojan

Malware Config

Targets

    • Target

      28f6a34862de3a0b0008d5a0644ce5a5_JaffaCakes118

    • Size

      1.5MB

    • MD5

      28f6a34862de3a0b0008d5a0644ce5a5

    • SHA1

      4391959e9e1fde7741647662083cf7613388d8ac

    • SHA256

      bd883483174215287fa4cd3ad0cd52065400bd88641f3c88b44d08cf37e08dc0

    • SHA512

      86803fd341cfbb97ed7c51c56319818112d6123f2ca57f96420dd81950a85778469e7edebfc2a2d278a9fb57e0faf20cf9ed62db633bfbee7867048fce3c1c34

    • SSDEEP

      49152:3IgJPz+Qrk9V1X+oP/lMrxh8tdwS8igmBLm:Rz+QrQ1XjlMrxh8tz8iBBq

    Score
    10/10
    badmirrordiscoveryinfostealerpersistencerattrojan

    • BadMirror

      BadMirror is an Android infostealer first seen in March 2016.

      trojaninfostealerratbadmirror

    • Queries the phone number (MSISDN for GSM devices)

      discovery

    • Queries information about active data network

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Queries the mobile country code (MCC)

      discovery
    behavioral1

MITRE ATT&CK Mobile v15

Tasks