General

  • Target

    8f9fcafba0b0d7708617f0ac0e627dab_JaffaCakes118

  • Size

    617KB

  • Sample

    241104-g6zclsymfj

  • MD5

    8f9fcafba0b0d7708617f0ac0e627dab

  • SHA1

    d9a57852797d275f83d1717215b26f1cdb11504c

  • SHA256

    3d5bca89a07977a49f2ebed630f5ee33627a09798c0e2f702dcb7687d4060604

  • SHA512

    acb2794b7b0a10d5c7c1f6b270724d3c858ac90af62e3098b2703eb4551a27d91b5fa24adfae34de3e9770c91f2f16ccac3f592c070307967d1c29aabf21e705

  • SSDEEP

    12288:7PKdcrOsRtde6GSjcfjC97IGfGIw6vPRaHVxDFTIKn1MQWnA+RhffmdarY:2YOsRtof7Q+IX0vFTJ+REj

Targets

    • Removes its main activity from the application launcher

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)
