General

  • Target

    8dfd8d046ccb93e6454e581a13ff1768_JaffaCakes118

  • Size

    615KB

  • Sample

    241103-3albrswnet

  • MD5

    8dfd8d046ccb93e6454e581a13ff1768

  • SHA1

    ef247dd605de2a1a34082ea822e169eb61ebcb92

  • SHA256

    97949a7d625429fed6eb6b78c256212899a52ace85cca3a9cfaaeac4dd322f7e

  • SHA512

    63c025205ded38b2b37d7c2ce8b9099a70555979f8876a7b5abf17330e7ec7fd4e8848c574d1740b89686ca17b6ee8e09f885e1d8db508cbb80fc79990de150d

  • SSDEEP

    12288:wHr3wK8ooRcI9bfQTvvE+MQvwrbC/7vlkisS6/y+DFTIKn1MQWnA+Rhffmdarv:zKloRcI9LQTvvRwHU9kHFTJ+REw

Targets

    • Removes its main activity from the application launcher

    • Checks Android system properties for emulator presence

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      The application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15
