General
-
Target
f9ed050d0a7fb6cc6b8c073fc469a9ce_JaffaCakes118
-
Size
4.0MB
-
Sample
240419-kjr7kada63
-
MD5
f9ed050d0a7fb6cc6b8c073fc469a9ce
-
SHA1
5e8fe8262e5d8d2f19c1cf36f477d4d869b4ff5e
-
SHA256
d6348a5aca930021adb7164e1d74389815eebd7e5e338f8fb93a206b26b26190
-
SHA512
891396fdec4457d6fc4458f64a3b38b3c7a1904b5207e733002d8fd8bf42bf56c1bfc058dd55839246de50f90ae6275653d93f6cc2fce0875a8414a9e105ee62
-
SSDEEP
98304:br9Dhq7rgA6UBC0Xd8ETTdUD5nDc33JJ9:P9lqbC0XaETTdQtDcH9
Malware Config
Targets
-
-
Target
f9ed050d0a7fb6cc6b8c073fc469a9ce_JaffaCakes118
-
Size
4.0MB
-
MD5
f9ed050d0a7fb6cc6b8c073fc469a9ce
-
SHA1
5e8fe8262e5d8d2f19c1cf36f477d4d869b4ff5e
-
SHA256
d6348a5aca930021adb7164e1d74389815eebd7e5e338f8fb93a206b26b26190
-
SHA512
891396fdec4457d6fc4458f64a3b38b3c7a1904b5207e733002d8fd8bf42bf56c1bfc058dd55839246de50f90ae6275653d93f6cc2fce0875a8414a9e105ee62
-
SSDEEP
98304:br9Dhq7rgA6UBC0Xd8ETTdUD5nDc33JJ9:P9lqbC0XaETTdQtDcH9
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device.
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection.
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-