General

  • Target

    8cb36d8fe5e25ce4ae24c91108a9dc44_JaffaCakes118

  • Size

    921KB

  • Sample

    241103-v8j8cszdld

  • MD5

    8cb36d8fe5e25ce4ae24c91108a9dc44

  • SHA1

    020869b4650ef869b49bd106db0f532cde84d8c1

  • SHA256

    ba580e0fdce015b6c15a3c0b5d89fd330a3d8e75d6ef4b9243cd5b6a9e51d5b8

  • SHA512

    50a807f5d98395c856ed0f708cb81d102072f628ce5ac19005eb3603668fa75ddb949b0968dbe79172cbbd978d915a605e6b82a79d9b587d5736bceb659fc39b

  • SSDEEP

    24576:vbqXj5Xh52IDv+hPEQLbIINN7umGLrCXB3TYdCMZ:vb8daI7+hPEobIIrCmGLGdTYMMZ

Malware Config

Targets

    • Target

      8cb36d8fe5e25ce4ae24c91108a9dc44_JaffaCakes118

    • Size

      921KB

    • MD5

      8cb36d8fe5e25ce4ae24c91108a9dc44

    • SHA1

      020869b4650ef869b49bd106db0f532cde84d8c1

    • SHA256

      ba580e0fdce015b6c15a3c0b5d89fd330a3d8e75d6ef4b9243cd5b6a9e51d5b8

    • SHA512

      50a807f5d98395c856ed0f708cb81d102072f628ce5ac19005eb3603668fa75ddb949b0968dbe79172cbbd978d915a605e6b82a79d9b587d5736bceb659fc39b

    • SSDEEP

      24576:vbqXj5Xh52IDv+hPEQLbIINN7umGLrCXB3TYdCMZ:vb8daI7+hPEobIIrCmGLGdTYMMZ

    • Removes its main activity from the application launcher

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks