General

  • Target

    5006765c0d98565d96dade82dc43e72a_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241017-bfg3raxblr

  • MD5

    5006765c0d98565d96dade82dc43e72a

  • SHA1

    9d4616b151aa4dbd0293025a62f9c43c3f65490f

  • SHA256

    0bc5658a8cb733bf27176836a9cf34e267cb79d4aadd489c62984a4a52559212

  • SHA512

    511b7032f985a5f6b5a31bd81c3938aef1c247e68469fbab313294a0cb4f062e793b0d9d22aa3ac03cf713220ef7f886cf9f6efa85c013b441cb24243be4f290

  • SSDEEP

    24576:wBnNz0PoJrUmt9Zo+ZYjVQXq/13tdHbZKm51Ob83B:UzRUe9J6jVQXq/1XHNKmjbx

Targets

    • Target

      5006765c0d98565d96dade82dc43e72a_JaffaCakes118

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator
