General

  • Target

    8b3d048b8e2a7c844e47e75f7734cb06_JaffaCakes118

  • Size

    19.1MB

  • Sample

    241103-njbrcstbkl

  • MD5

    8b3d048b8e2a7c844e47e75f7734cb06

  • SHA1

    245c0820e49b7f26b133e7930d240fd4d8d73036

  • SHA256

    7ce6f1f0b9acdff2fce99b87acb11d4af871c33026a78bc91198ec9d2892cc3c

  • SHA512

    3275d58dc039fb632f2cdbb4284f56d03c12a20695c06560917f124a0a251c3ecf57e3cbbd6b03aa08f6b3f6f94334ab9933c38ea6ebe51ca078f39d22f2870d

  • SSDEEP

    393216:SQA7bupv9nHrUrpO8O1wnpCmwpOlZRM6B7kIoMH10ncSq:Slbut9Hg1OR+Im6OlbM6V6nI

Malware Config

Targets

    • Checks if the Android device is rooted.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Reads information about phone network operator.
