General

  • Target

    8924c2f89e1501da3e0fc17ac3160a84_JaffaCakes118

  • Size

    2.4MB

  • Sample

    241103-cp91ka1pdy

  • MD5

    8924c2f89e1501da3e0fc17ac3160a84

  • SHA1

    f6b4c0590e9fcf471b79572cb736642dd7d27d89

  • SHA256

    920e7289067d7a55b7af2bb5e79fd55378b2c0ee5ddbe03482130b0a3a927376

  • SHA512

    66f9f74a8fe71ec274cbc17867bf8a9c0c595e18cca28fca4a3833a945df791e4d66a14c80b72af86dd56d5c8f031edb585522d08fe7ed66c3457073fd6655f0

  • SSDEEP

    49152:zGfPnsS2H9PAKBp7VMrGzWnJHu6oBhvnjcGZ5y22TvGbvj49M4lseJOEI:zGffsSO9PAKn72rGzWnJHoB5njcG+UMg

Malware Config

Targets

    • Target

      8924c2f89e1501da3e0fc17ac3160a84_JaffaCakes118

    • Size

      2.4MB

    • MD5

      8924c2f89e1501da3e0fc17ac3160a84

    • SHA1

      f6b4c0590e9fcf471b79572cb736642dd7d27d89

    • SHA256

      920e7289067d7a55b7af2bb5e79fd55378b2c0ee5ddbe03482130b0a3a927376

    • SHA512

      66f9f74a8fe71ec274cbc17867bf8a9c0c595e18cca28fca4a3833a945df791e4d66a14c80b72af86dd56d5c8f031edb585522d08fe7ed66c3457073fd6655f0

    • SSDEEP

      49152:zGfPnsS2H9PAKBp7VMrGzWnJHu6oBhvnjcGZ5y22TvGbvj49M4lseJOEI:zGffsSO9PAKn72rGzWnJHoB5njcG+UMg

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Acquires the wake lock

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

MITRE ATT&CK Mobile v15

Tasks