General

  • Target

    57571f55acaac35bb329cd0f69a09fe6_JaffaCakes118

  • Size

    11.9MB

  • Sample

    241018-n8wstswarf

  • MD5

    57571f55acaac35bb329cd0f69a09fe6

  • SHA1

    fc034fd13d44230ff6cff5ca43293971321f0142

  • SHA256

    6f1cce259ec6e6eccc72b2d2aacd693a4bc92b0560594d490b043796fb5e8187

  • SHA512

    073f148814b709134edbf620299926fa9246e33932b19891eacc852d9aa3248e479b56c93cbb81083e727b821e2f983522fb90f1c160313090cd44975466e95f

  • SSDEEP

    196608:E5BpHQuiVW9KRyveCVpR59ccC7KCzGB7Ae6Ctsaz6/4gx5tE0MYoeEMTskRRp1E:6BpHEcKReXRdC7nzGxAFt9dE0poeEMTC

Malware Config

Targets

    • Target

      57571f55acaac35bb329cd0f69a09fe6_JaffaCakes118

    • Size

      11.9MB

    • MD5

      57571f55acaac35bb329cd0f69a09fe6

    • SHA1

      fc034fd13d44230ff6cff5ca43293971321f0142

    • SHA256

      6f1cce259ec6e6eccc72b2d2aacd693a4bc92b0560594d490b043796fb5e8187

    • SHA512

      073f148814b709134edbf620299926fa9246e33932b19891eacc852d9aa3248e479b56c93cbb81083e727b821e2f983522fb90f1c160313090cd44975466e95f

    • SSDEEP

      196608:E5BpHQuiVW9KRyveCVpR59ccC7KCzGB7Ae6Ctsaz6/4gx5tE0MYoeEMTskRRp1E:6BpHEcKReXRdC7nzGxAFt9dE0poeEMTC

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Queries the phone number (MSISDN for GSM devices)

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks