General

  • Target

    85850fecba098781b2c41b6fe56273ac_JaffaCakes118

  • Size

    869KB

  • Sample

    241102-p3jfzsxmfj

  • MD5

    85850fecba098781b2c41b6fe56273ac

  • SHA1

    5e1fd023935c1f57469c18639d6c798ce0261bbf

  • SHA256

    9850945ef2b072e363630040d95f9b13dbdbe766d7a4d51d5367e60f1da0ff9c

  • SHA512

    1bfecb5ec73bd138067a9873a2845450992d803d76b3ac598d155962bfdf37ee1a443a99eed9c2e2248f4d750a3bcfe624e204f1bc41de482f7a87af16ce7f18

  • SSDEEP

    24576:96IKQclZaVULaIrZLLEIwLv/KeA+RyAwm/SjHHzmoHb:IDlZmY3nE/L91X/SjHHqS

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks