General

  • Target

    4b0aa46c38b98a67ab10882ec49d0b79_JaffaCakes118

  • Size

    6.3MB

  • Sample

    241016-c18a4ssfkl

  • MD5

    4b0aa46c38b98a67ab10882ec49d0b79

  • SHA1

    40039e81971d7949a0c2c07bb130760a50a1a5ee

  • SHA256

    e39fb7c8180ea2ae68582a34a3b022daa4740d9955bbb9644ab7a0c59ad612af

  • SHA512

    a56cb21b6dae0e71efb9698aeae0a185bebcc348f2886c61bc7b1f73e51e81bb4693edb19c6429757ccd76b37f103aaa640b1fdca25047b7bf722741f4d5c1e7

  • SSDEEP

    196608:067NUBCLy7/2ym9MDmZaO0WjYBp+ofR7Y79fb7J7GgMO4OontxJN3Cpp5jOHBp:L5UBCtb9MDmZaO0WjYBp+of56RvxrMFP

Targets

    • Target

      4b0aa46c38b98a67ab10882ec49d0b79_JaffaCakes118

    • Size

      6.3MB

    • MD5

      4b0aa46c38b98a67ab10882ec49d0b79

    • SHA1

      40039e81971d7949a0c2c07bb130760a50a1a5ee

    • SHA256

      e39fb7c8180ea2ae68582a34a3b022daa4740d9955bbb9644ab7a0c59ad612af

    • SHA512

      a56cb21b6dae0e71efb9698aeae0a185bebcc348f2886c61bc7b1f73e51e81bb4693edb19c6429757ccd76b37f103aaa640b1fdca25047b7bf722741f4d5c1e7

    • SSDEEP

      196608:067NUBCLy7/2ym9MDmZaO0WjYBp+ofR7Y79fb7J7GgMO4OontxJN3Cpp5jOHBp:L5UBCtb9MDmZaO0WjYBp+of56RvxrMFP

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Target

      SinaPayPluginSamsung.apk

    • Size

      1.4MB

    • MD5

      3601959f251a7d290904797599f9944f

    • SHA1

      ef7e0536afca292336a5febf3111543885262c8f

    • SHA256

      ded8f8657c62e13babaf84c543c540f774a8d0a52a0f057e04fcf6db5b9050ab

    • SHA512

      2e54b566a08f6b0c216771d484bd93104a5cfbd96afb60d3edbc166289eb098a116e5a6246621b3131957db3b26cd7a7ff1c81c4c078d25dbecb3a6085033fd8

    • SSDEEP

      24576:6vyKUan4PxwdGHJfALbB8q4BOiwIX6QLfFUvWk8q99x/HNtf+VP084XHB92o3vEN:6vyKUj5pJfAnBuB7wiXLyvP8OHff+Vn1

    • Score

      1/10

    • Target

      OnlineBank.apk

    • Size

      259KB

    • MD5

      3c775808f7c8a0677e196f6e8343d663

    • SHA1

      805b683c6bdaa49c1bc92978c043a5c9bfe3e2a9

    • SHA256

      77685340a92c9c37eff1474d33930ea0d018b3e66037a1e0600c00c7da48104c

    • SHA512

      75f1d16f1f46c05f3b7adb6a590882d7afcfc472ad15130127ee7d55f4c16b519a2012b2d9e82125528d873884ff357a8f63e9f1eaa5ac0df80a2a5d48898fcc

    • SSDEEP

      3072:1vyKCuErLM3YFw3Uof9qwYRxmOGkibCbqQN6FjbtGHQbLoXlc6/0mx9a8BngLM9Y:1vyKCuE3MJqTGk9qQN6SwQXlj/nqMPbK

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries the mobile country code (MCC)

    • Target

      alipay_msp.apk

    • Size

      807KB

    • MD5

      c8ff873b2a0d1efcbc81d83343732b29

    • SHA1

      4f67883898f70e472313e7d76d36c40f8eef9c22

    • SHA256

      2e5ac4ddf8ccf0a45a59e86ea56db4c0b57ae7a7ac181a26ccb2a9da0c29b8f0

    • SHA512

      53ae58acd4cd458851f40ee71a313f908a7ee06f7df76d9f3a015988d0b4f00a5f73ae24a2a923a09530746f3492f35a893acca553fa1ceac0c80a7886bd9317

    • SSDEEP

      24576:NPxwdGHJfALbB8q4BOiwIX6QLfFUvWk8q99x/HNtf+VD:N5pJfAnBuB7wiXLyvP8OHff+VD

    • Score

      1/10
