General

  • Target

    57d0152dea0b558459813a7e4265cf99_JaffaCakes118

  • Size

    1.6MB

  • Sample

    241018-q84jsasgqm

  • MD5

    57d0152dea0b558459813a7e4265cf99

  • SHA1

    0454b270b44692718612b17de8eef13595a0f1ed

  • SHA256

    4b2c6aa670f50e1c188780732769b4928c3af25ba34a038871f47c8fe047b9ec

  • SHA512

    f0d6b43f281fad83f212719f7ffe8794cb9c779588fee9c464cac60fc9704b6916caf3fcef2e7a00c67e707aa2cb414eb02f9eb0270fc3b20e66e794a2977755

  • SSDEEP

    49152:Je0nzd7SZcZo4RaqoMBPX3JVniiorvptNGlrA1:EyzUtu1BP/iThtNGlre

Malware Config

Targets

    • Target

      57d0152dea0b558459813a7e4265cf99_JaffaCakes118

    • Size

      1.6MB

    • MD5

      57d0152dea0b558459813a7e4265cf99

    • SHA1

      0454b270b44692718612b17de8eef13595a0f1ed

    • SHA256

      4b2c6aa670f50e1c188780732769b4928c3af25ba34a038871f47c8fe047b9ec

    • SHA512

      f0d6b43f281fad83f212719f7ffe8794cb9c779588fee9c464cac60fc9704b6916caf3fcef2e7a00c67e707aa2cb414eb02f9eb0270fc3b20e66e794a2977755

    • SSDEEP

      49152:Je0nzd7SZcZo4RaqoMBPX3JVniiorvptNGlrA1:EyzUtu1BP/iThtNGlre

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks