General

  • Target

    878892c244d484afba849782769422d5_JaffaCakes118

  • Size

    16.7MB

  • Sample

    241102-y51mqatpgv

  • MD5

    878892c244d484afba849782769422d5

  • SHA1

    cb1fe059efaff3dd90e00ed3880d77a99c084fd8

  • SHA256

    7b71dd715e5021bbafa2dcbadd006985fe8cd8249e4a9b1e34f88a475a346c9e

  • SHA512

    2be37b2678a509a86f697f415e87f2fe91921f73aa55b3107f07e618515c252bdd1b4d03de6481aea7b83abb630a336778fb11a71a08e215e0ee9ce76ee62da9

  • SSDEEP

    393216:a+RGAKbfsXJ8oxvhnnxRRBbR41Cl04ld137HJHGoSjMvlRDN2lF:PRGAKDY+oZhnnv1eYVld1NOAvlRMX

Targets

    • Target

      878892c244d484afba849782769422d5_JaffaCakes118

    • Size

      16.7MB

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Queries information about the current nearby Wi-Fi networks

      Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      com.iqiyi.paopao.apk

    • Size

      4.5MB

    • MD5

      a27aa4694e8bb9c9abda1917020c3d5a

    • SHA1

      730648eb47386dfa4bd934e74a3bcd3b237d8a24

    • SHA256

      d53f46b445917a7433c1ea98947288a127189ccda57ff8613600c80936e5b178

    • SHA512

      614f6796a8aad49befbcfbec7ddc5c16768c6a935730fa15578b46e8a06473da188f46204bb9fc9ee497e1ac1b6dcc95de697c16df24b7d0343520b45692f2b5

    • SSDEEP

      98304:I3bywq21rdMHRElMXXVYQBYfGu1qFDqxGN16lxTjC8B4DJpxbr4zBC2F/:I2B26hnSQBYfGXWzjCuqjgzBH/

    Score
    1/10
