General

  • Target

    824aa6a2508fc75aad639ef218fa7765_JaffaCakes118

  • Size

    9.4MB

  • Sample

    241031-jem7datejg

  • MD5

    824aa6a2508fc75aad639ef218fa7765

  • SHA1

    e6dac3f92cc5cf43324aac95ba219176970835c1

  • SHA256

    319d90cdb978516a367e92cb37d86abaff462474bb3aa81245cebb526fac2610

  • SHA512

    efea012ef39a95996eb5c615fed3c4c933b195e6727b8d578f9d41b30529021c1f6e5b3b84ee222868c620e10ba2926119609152810feb7dd506e968ebd08b42

  • SSDEEP

    196608:TGyTcDS7l+SM3Lla5/QOqIq+2///MBi2vs03oDlE8Abi:TQUlmcOOqIq+ex2z3ooi

Malware Config

Targets

    • Target

      824aa6a2508fc75aad639ef218fa7765_JaffaCakes118

    • Size

      9.4MB

    • MD5

      824aa6a2508fc75aad639ef218fa7765

    • SHA1

      e6dac3f92cc5cf43324aac95ba219176970835c1

    • SHA256

      319d90cdb978516a367e92cb37d86abaff462474bb3aa81245cebb526fac2610

    • SHA512

      efea012ef39a95996eb5c615fed3c4c933b195e6727b8d578f9d41b30529021c1f6e5b3b84ee222868c620e10ba2926119609152810feb7dd506e968ebd08b42

    • SSDEEP

      196608:TGyTcDS7l+SM3Lla5/QOqIq+2///MBi2vs03oDlE8Abi:TQUlmcOOqIq+ex2z3ooi

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Target

      modp-barcode-wostore.apk

    • Size

      467KB

    • MD5

      4243631d504674fd652c4f27cad5f64f

    • SHA1

      22e31a4ac9245db2059ddc4721b520534ebe3c5e

    • SHA256

      ab5835c00d3a1c4052560fb0c2ba9ac49132deae5676d01968e2ce70c6cc46ad

    • SHA512

      d9214757a7e7fc0be428921cef2db93865b54c887d84d6ca96f63c8e7063299b6d4d48c2f5e8ed8b8aefefb21c9f7f9d6427a26532905199e13a9384b6e34457

    • SSDEEP

      12288:U5KZycZRhTtaWzrRaAt7L2yq2Ea8aVHEoCgkspnxVuio1aKo:R9ZzRaWPRVtWna8aJCgkAAF1Xo

    Score
    4/10

MITRE ATT&CK Mobile v15

Tasks