General

  • Target

    8c8b1c483acb9d752cdfcdb7a0152738_JaffaCakes118

  • Size

    429KB

  • Sample

    241103-vh3a9azdjr

  • MD5

    8c8b1c483acb9d752cdfcdb7a0152738

  • SHA1

    e983dd1d83aae37fd77fc46aa467604d519a8346

  • SHA256

    cb4fbc459b198d86afadfa56a74c1d97335ab06e4f7d5c335f8e60067747fbd7

  • SHA512

    1d396026a004be36c6aa49a6971b65b1c8fa9d967eda4c05b5a251e2f1e3e4c2582278e29c929c6e19bd3abb326764e182ef5ad798c5bd7483a4f08586478537

  • SSDEEP

    6144:h70nNyxNbJlXfCxJZ1pYFwCJ2hYCXTFCCHE92VxjJUlitgZ3ImIPoFZzZ:h70oP2xr16FwCAYcTQ2EwB5glIpovzZ

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the content of SMS inbox messages.

    • Requests cell location

      Uses Android APIs to get current cell location.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
