General

  • Target

    444ecfed0224c3845bc5bb951829f340_JaffaCakes118

  • Size

    4.9MB

  • Sample

    241014-1htl1a1hnr

  • MD5

    444ecfed0224c3845bc5bb951829f340

  • SHA1

    b5dd8cc77ea67fe6a0251ff03892bab5ac096a4a

  • SHA256

    2141d128ce96b9de0eefc63d32e8450e37286da5258b3acebe3a7bb610a782a7

  • SHA512

    0b1bd04899e8ed0b157e32db9d24ce41f878b2fe54376ac9b909f97d78c849f2acdeec377d97cea6ac22634524525c9e6f92ffd7383857a9757132186dcb2106

  • SSDEEP

    98304:yJtAQEY6PHv5lvnGsJbOkNZNkt2TLhENUOHudezPbXafuN2YT:28DuwhfNktuLhENtOomWce

Malware Config

Targets

    • Target

      444ecfed0224c3845bc5bb951829f340_JaffaCakes118

    • Size

      4.9MB

    • MD5

      444ecfed0224c3845bc5bb951829f340

    • SHA1

      b5dd8cc77ea67fe6a0251ff03892bab5ac096a4a

    • SHA256

      2141d128ce96b9de0eefc63d32e8450e37286da5258b3acebe3a7bb610a782a7

    • SHA512

      0b1bd04899e8ed0b157e32db9d24ce41f878b2fe54376ac9b909f97d78c849f2acdeec377d97cea6ac22634524525c9e6f92ffd7383857a9757132186dcb2106

    • SSDEEP

      98304:yJtAQEY6PHv5lvnGsJbOkNZNkt2TLhENUOHudezPbXafuN2YT:28DuwhfNktuLhENtOomWce

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks