General

  • Target

    864ba87f8f7b213ca921b275a0285c4b_JaffaCakes118

  • Size

    18.6MB

  • Sample

    241102-tfksra1qdp

  • MD5

    864ba87f8f7b213ca921b275a0285c4b

  • SHA1

    f47f40d2bc7f29cd1a5ef48ca8f8c07dcb8fac4a

  • SHA256

    8af068956f0d5139b877b02fbb1cdbf3f0452160bd5d60cf843dfec55f0af5ff

  • SHA512

    85afe65779b30159e1f6f045ca4d4accfdec92d06aa190fe10a6ad7bd16a92fd8474f810291d1800e37c4bd2402d530a133ccb452abbe5c1caa300b5eaf20722

  • SSDEEP

    393216:JhV+WApoip0BKhW5nR+I+3FUViZOUneziBYWo+AFE:rV+hfpiKIxR+I+VUVULQW

Malware Config

Targets

    • Target

      864ba87f8f7b213ca921b275a0285c4b_JaffaCakes118

    • Size

      18.6MB

    • MD5

      864ba87f8f7b213ca921b275a0285c4b

    • SHA1

      f47f40d2bc7f29cd1a5ef48ca8f8c07dcb8fac4a

    • SHA256

      8af068956f0d5139b877b02fbb1cdbf3f0452160bd5d60cf843dfec55f0af5ff

    • SHA512

      85afe65779b30159e1f6f045ca4d4accfdec92d06aa190fe10a6ad7bd16a92fd8474f810291d1800e37c4bd2402d530a133ccb452abbe5c1caa300b5eaf20722

    • SSDEEP

      393216:JhV+WApoip0BKhW5nR+I+3FUViZOUneziBYWo+AFE:rV+hfpiKIxR+I+VUVULQW

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Reads information about phone network operator.

    • Target

      AlipayMSP206_PPS3_V3.5.4.0619.apk

    • Size

      354KB

    • MD5

      12ae4560d8350db4bd6fa3bc1589614c

    • SHA1

      dbbfce036a1823aaec9d1c7b621adbd7317f7fa9

    • SHA256

      46f025d57f9aed1fb674c0fe8fc77add93cf00ea6e1633596955f33426be7688

    • SHA512

      df7348142a8c294d0d7f7ce77795fd0f81f60831ca1831164e5060c900aa90af430b11f6972103a5c6307d81d8cdf095105a9ab3d01c2183d10d01910976c6fd

    • SSDEEP

      6144:ipIlfloegHi/BBs3dWcfihtB7+Y3Ju4g29f5C8EcPK+WvyQcy2fn1E:ip2JgC/BBsNWfh3Vcc5CLE8Rcy2fn1E

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks