General

  • Target

    501f64b3eb59cd479d943ab690dfd8a1_JaffaCakes118

  • Size

    24.6MB

  • Sample

    241017-bv8h9ayarp

  • MD5

    501f64b3eb59cd479d943ab690dfd8a1

  • SHA1

    61561c9f6a8cf5be37ecfe898bb7e262c6acf6f0

  • SHA256

    75c32ad4f5f5d25259ad8f296e2134c1124189c12bde7c908c858db5ffee9857

  • SHA512

    24ed350ffd1b2bd6fb7b32dc1e6d33c95c9cb9d30c9352421f92c5b36147336e0fedf459eb11748f1791b0148ea9b8f313a97ea9c2f60e2e195e016ded57de13

  • SSDEEP

    786432:YhPPYJO35waYgHFZedy9oOFKf/pjuujdufxNztHXtLy8DyePE7OiA2:YQ4yadHFZeo9PFKfNu3fJdLyIyePE7Q2

Malware Config

Targets

    • Target

      501f64b3eb59cd479d943ab690dfd8a1_JaffaCakes118

    • Size

      24.6MB

    • MD5

      501f64b3eb59cd479d943ab690dfd8a1

    • SHA1

      61561c9f6a8cf5be37ecfe898bb7e262c6acf6f0

    • SHA256

      75c32ad4f5f5d25259ad8f296e2134c1124189c12bde7c908c858db5ffee9857

    • SHA512

      24ed350ffd1b2bd6fb7b32dc1e6d33c95c9cb9d30c9352421f92c5b36147336e0fedf459eb11748f1791b0148ea9b8f313a97ea9c2f60e2e195e016ded57de13

    • SSDEEP

      786432:YhPPYJO35waYgHFZedy9oOFKf/pjuujdufxNztHXtLy8DyePE7OiA2:YQ4yadHFZeo9PFKfNu3fJdLyIyePE7Q2

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks