General

  • Target

    8e053b431042010e4089fe1c87d8e1a5_JaffaCakes118

  • Size

    11.3MB

  • Sample

    241103-3fmf1swpfv

  • MD5

    8e053b431042010e4089fe1c87d8e1a5

  • SHA1

    7de3ea1a69fa303f0863c354afa73d1a798116b3

  • SHA256

    642274549f5ecd691d5d8ee79b3a430c22f9ece6fb71463ab09a5b355c5b1e26

  • SHA512

    2218ab0b6c3376481c52df53f9b63000e6424589ed200242af2ac71fac8760811f93a12d784b633b3c4e903f69810315756f84a997e2618dccdf032a5106ba8d

  • SSDEEP

    196608:4ezuPpanunEtrtAA3hGcf3S75AD4ntnLueDkD4ZOcUqo4LuVDyiz+xj+r2r6GeSV:PzuPpBEtrFTf3ynhoDMUqXLuXz+x+rlQ

Malware Config

Targets

    • Target

      8e053b431042010e4089fe1c87d8e1a5_JaffaCakes118

    • Size

      11.3MB

    • MD5

      8e053b431042010e4089fe1c87d8e1a5

    • SHA1

      7de3ea1a69fa303f0863c354afa73d1a798116b3

    • SHA256

      642274549f5ecd691d5d8ee79b3a430c22f9ece6fb71463ab09a5b355c5b1e26

    • SHA512

      2218ab0b6c3376481c52df53f9b63000e6424589ed200242af2ac71fac8760811f93a12d784b633b3c4e903f69810315756f84a997e2618dccdf032a5106ba8d

    • SSDEEP

      196608:4ezuPpanunEtrtAA3hGcf3S75AD4ntnLueDkD4ZOcUqo4LuVDyiz+xj+r2r6GeSV:PzuPpBEtrFTf3ynhoDMUqXLuXz+x+rlQ

    • Checks if the Android device is rooted.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      AlipayMSP206_PPS3_V3.5.4.0619.apk

    • Size

      354KB

    • MD5

      12ae4560d8350db4bd6fa3bc1589614c

    • SHA1

      dbbfce036a1823aaec9d1c7b621adbd7317f7fa9

    • SHA256

      46f025d57f9aed1fb674c0fe8fc77add93cf00ea6e1633596955f33426be7688

    • SHA512

      df7348142a8c294d0d7f7ce77795fd0f81f60831ca1831164e5060c900aa90af430b11f6972103a5c6307d81d8cdf095105a9ab3d01c2183d10d01910976c6fd

    • SSDEEP

      6144:ipIlfloegHi/BBs3dWcfihtB7+Y3Ju4g29f5C8EcPK+WvyQcy2fn1E:ip2JgC/BBsNWfh3Vcc5CLE8Rcy2fn1E

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks