General

  • Target

    51f70c3b2c2c55ca90e5c646cc72fc84_JaffaCakes118

  • Size

    8.2MB

  • Sample

    241017-n4k6jawdre

  • MD5

    51f70c3b2c2c55ca90e5c646cc72fc84

  • SHA1

    0d57ff0d0824fea4ffa461e6aa722caaa5e36aab

  • SHA256

    b81eece6e54c1f68a6e3c47df3167ddaaebcd046865a363703a27f9962597be8

  • SHA512

    5f28c231012a845f603671aa90c63d20519158159930bd1f6c0177d527ca07c8dc4767dd97dd4430a49866a6ca2e6206132884508f389f5166c7183b65025ffa

  • SSDEEP

    196608:9sQ4mSEwZ4KC7u1rx/Ohptada1lHhhE03EvM8OvOKNYYD0kXf90CXYk0:V4mS/SKB1Boao1xbE0WMTvRNVhX9L0

Targets

    • Target

      51f70c3b2c2c55ca90e5c646cc72fc84_JaffaCakes118

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      kp.db

    • Size

      114KB

    • MD5

      6c98689c103cd1c601781aaf9bd3efba

    • SHA1

      052d7cab6dce90d36be9dd635a1fc7d18aaeea2d

    • SHA256

      ab04b24fa1fa710562f436d9c81f0575d78f59e0a053b60aa13bf1de1cd38b03

    • SHA512

      7e6b7460a5fba462d3ac8e929716e849e0b17d987d281b971d56694e557ee92aeeeeea10aaf264b4cf6c7ecaa62f68834f8e60c25aea4ed51cf28686506e7373

    • SSDEEP

      3072:NFaM/Nc0Cs/wUpj0uYb6aCtoJJ0W1NriptHAE/306vTeJ:NgwCXoogE6M

    • Score

      1/10

    • Target

      xlst

    • Size

      291KB

    • MD5

      e5baaa7bcb34f266c6363d6ea8f3b2e2

    • SHA1

      2ef6c9d2202130be40e11bb3cb78350e6c95908d

    • SHA256

      cb94212d0002ab121a0ce4b6d14670b39476b1de4c8ced07cb2adf379afc6240

    • SHA512

      6f77c01d7b80ee20964e5cf48048370d5ccfdf70ed1d314968dcf56daa727e5284b6037db12d26ec5f152cf940099609a86886d2483555a21c81e6e8b4f6e9ff

    • SSDEEP

      6144:7HlP/780hM5/Tyi00JBqGtGFHYcwrGKs22GZMjTE1A4:TJvnUZhcmQqMXEB

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Target

      kp.db

    • Size

      118KB

    • MD5

      8dbd3ac484c8e28ca9136394d678adac

    • SHA1

      d6fd00b0fb8598b9f2508ff29b45384560649a65

    • SHA256

      2211130c2e3a41a17ec1ecc0630ef04b0081ef52c9e037e82ee621516322e43b

    • SHA512

      bac2322bb2fe945e458cf995a8695f6cf33d7d243c8569f377d94b948539a0ff29a8ffd42ab9cc23111e409f418d049290baed4bc35cddedd0f6300dd49a8fcc

    • SSDEEP

      3072:5lP/XH7P8zCUDqXxWnj5/kGyiib0ai8JAHBqXsf0glxS:5lP/780hM5/Tyi00JBqGtM

    • Score

      1/10
