General

  • Target

    8bde9cbbc75504880bed4720665ec9b3_JaffaCakes118

  • Size

    13.1MB

  • Sample

    241103-rgwkjavpas

  • MD5

    8bde9cbbc75504880bed4720665ec9b3

  • SHA1

    3a262bee63d92f5e100ce3a8d56bbd5048313d5e

  • SHA256

    e8314fdac2c50ac5eac75b3df73ad5e98f5b8feea1146af16975e04122dfb397

  • SHA512

    8357a684a17b26eba8327269a9fd1cec4b821375a4923b5f013cddb5ea243816aaa222e21e86286360f094c574ffe386ce48a0944f820514640899d5d5422840

  • SSDEEP

    393216:jgf10MC4G99kf8lpLoHeZ7f/2cSbVik4S:8d0GG+WeeZb2cShV

Malware Config

Targets

    • Target

      8bde9cbbc75504880bed4720665ec9b3_JaffaCakes118

    • Checks if the Android device is rooted.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks