General

  • Target

    886bc8aa47b0ad7a22cf297e4034fb27_JaffaCakes118

  • Size

    2.1MB

  • Sample

    241102-3jdy2s1qbj

  • MD5

    886bc8aa47b0ad7a22cf297e4034fb27

  • SHA1

    e878add90264f021aeb927e604f52c8136b781df

  • SHA256

    bff039ed8783a9ab01908f99f425847de83fb6b39ce25fb5caf574bbdc34840c

  • SHA512

    13e78b46b328d089e63b1610261a90f2a7dd518c395d21d5805852be29c18ce5998435446c9ea276d9709cb2aaac84b8e4ce880bfeb24cd870dba3c09c585d8f

  • SSDEEP

    49152:b8xt2tJ+SIdAFWtOVTKluOOrSeOdWv3/NAxz2igz4l:IxtISdpslKlmrSeOg3/N4zZgz4l

Malware Config

Targets

    • Target

      886bc8aa47b0ad7a22cf297e4034fb27_JaffaCakes118

    • Size

      2.1MB

    • MD5

      886bc8aa47b0ad7a22cf297e4034fb27

    • SHA1

      e878add90264f021aeb927e604f52c8136b781df

    • SHA256

      bff039ed8783a9ab01908f99f425847de83fb6b39ce25fb5caf574bbdc34840c

    • SHA512

      13e78b46b328d089e63b1610261a90f2a7dd518c395d21d5805852be29c18ce5998435446c9ea276d9709cb2aaac84b8e4ce880bfeb24cd870dba3c09c585d8f

    • SSDEEP

      49152:b8xt2tJ+SIdAFWtOVTKluOOrSeOdWv3/NAxz2igz4l:IxtISdpslKlmrSeOg3/N4zZgz4l

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks