General

  • Target

    5711b5a239324e18cb912dc6a87be47e_JaffaCakes118

  • Size

    1.6MB

  • Sample

    241018-m4ajcswbqr

  • MD5

    5711b5a239324e18cb912dc6a87be47e

  • SHA1

    9b0029dd37f58437b67729780825866b66d1e768

  • SHA256

    23ab37c80dd098ae0c4f4a11c4738b1c3fa79b9436672e44fe922f9ca6aa8556

  • SHA512

    a653b6883381f4b454966129ebefec27134481b579d910f3c657023bbc242fbb75a56539e3478d7bfc0b618a1002c81313eb7ac1443275751f320ad608603f2f

  • SSDEEP

    49152:yvNKLjmDqsoG1f62YxhGuK9GaHxt7Fe9JjFYJ:yvMHVszf62YjGF9GaHxdFOJjFK

Targets

    • Target

      5711b5a239324e18cb912dc6a87be47e_JaffaCakes118

    • Queries a list of all the installed applications on the device

      Might be used in an attempt to overlay legitimate apps.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)
