General

  • Target

    52354a200ce30fb3090681a62757be30_JaffaCakes118

  • Size

    3.1MB

  • Sample

    241017-qnae7sseqq

  • MD5

    52354a200ce30fb3090681a62757be30

  • SHA1

    14c32b32947f5cb5ecaca09b7fb73fd45cb7274e

  • SHA256

    0002604f9aa167ee58757e61d3cbbd1052c71e57d5258ed1f315f540a2feb3b5

  • SHA512

    df687304d320fbe03eb7e218d532c8f5d75f2cfdd61513e88128da740aec31f50e24de0997bf84e8f852924ae5392df841e1a0d89f7777943a5d32009427b285

  • SSDEEP

    98304:FWOhK2Th2h1bhWR2SandOODS8Bmmci6KT:p9u1bhbtTDzvEQ

Malware Config

Targets

    • Target

      52354a200ce30fb3090681a62757be30_JaffaCakes118

    • Size

      3.1MB

    • MD5

      52354a200ce30fb3090681a62757be30

    • SHA1

      14c32b32947f5cb5ecaca09b7fb73fd45cb7274e

    • SHA256

      0002604f9aa167ee58757e61d3cbbd1052c71e57d5258ed1f315f540a2feb3b5

    • SHA512

      df687304d320fbe03eb7e218d532c8f5d75f2cfdd61513e88128da740aec31f50e24de0997bf84e8f852924ae5392df841e1a0d89f7777943a5d32009427b285

    • SSDEEP

      98304:FWOhK2Th2h1bhWR2SandOODS8Bmmci6KT:p9u1bhbtTDzvEQ

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Target

      com.skymobi.pay.plugin.main_v10017.pl

    • Size

      59KB

    • MD5

      4fe57f0dbc1364a52f9616aca9623ee8

    • SHA1

      d3fbaaafd79ff09ec88ad343e46258cfbda4139b

    • SHA256

      c4a8a02e900f4fb066a0e8d4c9e2976c9a0f252729058b2915fdc93eae65af49

    • SHA512

      e08aec2c36ccddc5b16409bf2d62ed6aa5e2ef468025779b400997f86c0b0943fbe16012e21be8e99685e743b3ef77adfa74b4c7bc03d30f6a506520c0edf17d

    • SSDEEP

      1536:8ZWPMIYcGLcXagIirfjDYvR76G86bHT01LVj:8Ze/KpTiXMN6LSHT05Vj

    Score
    1/10
    • Target

      com.skymobi.pay.plugin.recordupload_v10011.pl

    • Size

      42KB

    • MD5

      95f7902d7442815283d4473ed23f3cca

    • SHA1

      d2576ae331a71fc43968ed53eb73623c966aa7a3

    • SHA256

      40952f4694ea1ad807aaffb579f146287bda52a15db2fa631571eb59efb3666b

    • SHA512

      e6ed8ccab7245ac352af3dab4eb866a7fe69c9374c8e3568630ba40a8ebcf1aee36ef2d3ff99941b3a900a1b7c60ab05fecc5b9fcc6a0754ece2feba4210bb06

    • SSDEEP

      768:J8zZxl2ezpx6l9tgZO5Ea2Ahe5B9M2t78xC8cJOzibemqfM9+lsA:Juxl1zpQgZOt2z978WnemDA

    Score
    1/10
    • Target

      com.skymobi.pay.plugin.smspay_v10044.pl

    • Size

      254KB

    • MD5

      5a8049b029ce62f99c8021cad434532a

    • SHA1

      040b12b0877580cbc3a0b1cb83dff56606d9171a

    • SHA256

      ae43c158777c86f4f4f381ac9cf0c6a811402fd2570179d2641d8a2088304713

    • SHA512

      f181c31f9bb1ad1c5cd94c86a2aaea0b0bf6247f4c50698cd12a186539298c3f6d588f4f51f8819fe8ba89e65cf38526d0debbf8f186e7ce23fd66ec0cabcc86

    • SSDEEP

      6144:R5ds1oQKtR0HMDWGFq3+CxiQb8aFhbSfwuotPEBeN:zGc0sDW9dxiQNFhb4wuSEBq

    Score
    1/10
    • Target

      skymobi_pay_wxplugin.apk

    • Size

      33KB

    • MD5

      73d8a99bf9de4eb876f1739627197190

    • SHA1

      135f99fe90f129274c74f5c9b032294bfae3d05a

    • SHA256

      6d6f22a6688689b35a723620794bc03e958a69e1770073bd921d3c6129733f26

    • SHA512

      d5d9068f5fbf3c85bafb8edf084c40e4411814f02542cde120815951c6a2cfae78a0b08f930ef7143f10145ce0abcbd942c44f54afbb0d963ba47c653a162049

    • SSDEEP

      768:iwFX6Lei59coj/94ML6plol/S54bLhWQeJ:iwF0t5jj1/LMcaivhWQC

    Score
    4/10
    • Target

      unicom_resource.dat

    • Size

      66KB

    • MD5

      c0c137798872286f84f62e479bf5b632

    • SHA1

      331716c743ffe18aa5fbcf7c81d7ea2e6e14e67b

    • SHA256

      794ff618b6f2abd4b10bc61b10d9a2a18fe99737442c205f77dbf8aee18b7087

    • SHA512

      3d70e73e6068da59f7da33bc98b33e52a10955c8bcbd72f1726f439ffdfe6a28ed0fbc981d556b7974e406d4289da1604a5ed2f9b662a2df75748ca5d6759315

    • SSDEEP

      1536:uAAT2TgbOB/mePgQmNsxwUggsBKxRUFkNzKPcEhx:demchmUwKD

    Score
    1/10

MITRE ATT&CK Mobile v15

Tasks