General
-
Target
f40cf27df7f963050c972661fda92eee_JaffaCakes118
-
Size
11.7MB
-
Sample
240416-wwp4hshb29
-
MD5
f40cf27df7f963050c972661fda92eee
-
SHA1
0e026766f8eeb0a7bf9553c5dd0e3a0a4689410c
-
SHA256
5cbb9a57c0826d50697c08a296c750eecee4ce879ea514be5edb826dde6b8170
-
SHA512
1c9cacab708eb10109a9e2ce717dae265eeef61946f13d712af09a5338cd1a8ff18e4a99ed0f3704796cf39b0031040d613a945f60ae2a8b5f1dfed24ef9992b
-
SSDEEP
196608:v4+eJNOtGe+uc/PUM1Z4sz1mciR1vFwvc+OCEgCl04JxYY4G:v4+gCGvL/cMIu1mciR1mlOCEFl04Jx4G
Malware Config
Targets
-
-
Target
f40cf27df7f963050c972661fda92eee_JaffaCakes118
-
Size
11.7MB
-
MD5
f40cf27df7f963050c972661fda92eee
-
SHA1
0e026766f8eeb0a7bf9553c5dd0e3a0a4689410c
-
SHA256
5cbb9a57c0826d50697c08a296c750eecee4ce879ea514be5edb826dde6b8170
-
SHA512
1c9cacab708eb10109a9e2ce717dae265eeef61946f13d712af09a5338cd1a8ff18e4a99ed0f3704796cf39b0031040d613a945f60ae2a8b5f1dfed24ef9992b
-
SSDEEP
196608:v4+eJNOtGe+uc/PUM1Z4sz1mciR1vFwvc+OCEgCl04JxYY4G:v4+gCGvL/cMIu1mciR1mlOCEFl04Jx4G
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device.
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection.
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3