General

  • Target

    8c62556332ac5d33de2fcd4c1255a1cf_JaffaCakes118

  • Size

    11.2MB

  • Sample

    241103-tv528sxpay

  • MD5

    8c62556332ac5d33de2fcd4c1255a1cf

  • SHA1

    fde2a53267866606f80151dfe9f328666e7b8061

  • SHA256

    3040e156440375a0af8f0125895ee5489a35fcc309aba452c660e07488318c2d

  • SHA512

    96cf7f1f347a7e977d9516b7f3ece7d8db79daef58fcf54f5d7ac801d3f3fb0025d244ab0826f917034df93ab836706480a26cee1fef8d674c78cee68c122445

  • SSDEEP

    196608:jzfinhyClvuCtrt2A3hGcf3S75AD4ntnLueDkD4ZOcUqo4LuVDyiz+xj+r2r6GeW:XfinhyClTtr/Tf3ynhoDMUqXLuXz+x+S

Malware Config

Targets

    • Target

      8c62556332ac5d33de2fcd4c1255a1cf_JaffaCakes118

    • Size

      11.2MB

    • MD5

      8c62556332ac5d33de2fcd4c1255a1cf

    • SHA1

      fde2a53267866606f80151dfe9f328666e7b8061

    • SHA256

      3040e156440375a0af8f0125895ee5489a35fcc309aba452c660e07488318c2d

    • SHA512

      96cf7f1f347a7e977d9516b7f3ece7d8db79daef58fcf54f5d7ac801d3f3fb0025d244ab0826f917034df93ab836706480a26cee1fef8d674c78cee68c122445

    • SSDEEP

      196608:jzfinhyClvuCtrt2A3hGcf3S75AD4ntnLueDkD4ZOcUqo4LuVDyiz+xj+r2r6GeW:XfinhyClTtr/Tf3ynhoDMUqXLuXz+x+S

    • Checks if the Android device is rooted.

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

    • Queries the mobile country code (MCC)

    • Target

      AlipayMSP206_PPS3_V3.5.4.0619.apk

    • Size

      354KB

    • MD5

      12ae4560d8350db4bd6fa3bc1589614c

    • SHA1

      dbbfce036a1823aaec9d1c7b621adbd7317f7fa9

    • SHA256

      46f025d57f9aed1fb674c0fe8fc77add93cf00ea6e1633596955f33426be7688

    • SHA512

      df7348142a8c294d0d7f7ce77795fd0f81f60831ca1831164e5060c900aa90af430b11f6972103a5c6307d81d8cdf095105a9ab3d01c2183d10d01910976c6fd

    • SSDEEP

      6144:ipIlfloegHi/BBs3dWcfihtB7+Y3Ju4g29f5C8EcPK+WvyQcy2fn1E:ip2JgC/BBsNWfh3Vcc5CLE8Rcy2fn1E

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Queries information about active data network

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

MITRE ATT&CK Mobile v15

Tasks