General

  • Target

    84c3dc8162ff62bc62468d35e3c8c6fe_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241102-dhqtsayemp

  • MD5

    84c3dc8162ff62bc62468d35e3c8c6fe

  • SHA1

    a1cbf6d65d22a04d20b95e579133ce41fcf1dc8c

  • SHA256

    84c0b6dd629f174e808d2cbbb8b10e530abc0930d3df8945e413fdc102f56f3a

  • SHA512

    b73e24f8997009e9d4aa2427652934bd4ea6ce5da84b6cfbbe3567101e10516c86922995000664b9769c71e078f1fff16987f3eb98dcaa66883540b79e641d30

  • SSDEEP

    24576:Kjra/YVkmRPquPuq4XF9U5nusXK+fMjQzdl3VvZ4fO6F5f47iU:K/km0k4HU5B62FVvZ4Wu47iU

Targets

    • Target

      84c3dc8162ff62bc62468d35e3c8c6fe_JaffaCakes118

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of SMS inbox messages.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Tries to add a device administrator.
