General

  • Target

    879b7095907351027c29eff3791cce28_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241102-zej3qavjax

  • MD5

    879b7095907351027c29eff3791cce28

  • SHA1

    f183b659ed96a4bf1df875504e55735667ffd2c0

  • SHA256

    5b0801aabed6fc5c5fff605f057bec99ab6ca6f0ee240e0ef660a179dc88e167

  • SHA512

    cf76918ae62de24e26d970706db40ddafedc389ebe6773d70043407271d67dce702b90d66985bffc518ef34ea69a00711ae80986e5d4681e299fa8697dd7231a

  • SSDEEP

    49152:K9w5l3vSwrznGubbp+sTmWyHX9q7YM8hAVkIsB:CalKAz1bV+2oXg7mh8e

Targets

    • Target

      879b7095907351027c29eff3791cce28_JaffaCakes118

    • Checks if the Android device is rooted.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Reads the content of SMS inbox messages.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
