General

  • Target

    49dd27a923f3232c9ee4e4fb8769dca7_JaffaCakes118

  • Size

    2.4MB

  • Sample

    241015-zap36szcmk

  • MD5

    49dd27a923f3232c9ee4e4fb8769dca7

  • SHA1

    ea46f9a1d20b21ef40d8cb2bdf0ab92bf113a135

  • SHA256

    b41c340f87ea9a3600a44861a4c977df27c2dcb92bcabdb421768769a4b0e557

  • SHA512

    357f5b459e5ad67834748990b4f09f4c641cf3b763dd5939f851fc467becfa6f9fed0a5c8ec6896854d0a221575a4e47218cbc98507eb064f51b8edca7e0dd70

  • SSDEEP

    49152:XBp7llWklqi3yOBGELP4oDQajt1vkZGq6YECP00S1W:Xn7rXiOBGELPpJD8CwPok

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator
