General
-
Target
01e4da4fa435b9a1bd6b79b5f83f75a5_JaffaCakes118
-
Size
3.9MB
-
Sample
240426-3b92hsfa6y
-
MD5
01e4da4fa435b9a1bd6b79b5f83f75a5
-
SHA1
7cb0035db2252cfcdb9e10726f33d27cac98afca
-
SHA256
2287dfd9abe110464007d6dd4372d913f537bb262f8a5e0e4cafb39edc11e2bc
-
SHA512
6e3cfaec5c039ca0c54da34fb0864f734a7aa9493e5a1636d5ae599d42784efb4651b1488fd857c1693bb577fe49d75fd7bc6d00d5d89c343855f55dbf8d9cc2
-
SSDEEP
98304:VpzhCZEShZicg5g+qbRl4SviXEaVsb/s6:VVjSJIcXb/s6
Malware Config
Extracted
joker
http://api.exc.mob.com:80
Targets
-
-
Target
01e4da4fa435b9a1bd6b79b5f83f75a5_JaffaCakes118
-
Size
3.9MB
-
MD5
01e4da4fa435b9a1bd6b79b5f83f75a5
-
SHA1
7cb0035db2252cfcdb9e10726f33d27cac98afca
-
SHA256
2287dfd9abe110464007d6dd4372d913f537bb262f8a5e0e4cafb39edc11e2bc
-
SHA512
6e3cfaec5c039ca0c54da34fb0864f734a7aa9493e5a1636d5ae599d42784efb4651b1488fd857c1693bb577fe49d75fd7bc6d00d5d89c343855f55dbf8d9cc2
-
SSDEEP
98304:VpzhCZEShZicg5g+qbRl4SviXEaVsb/s6:VVjSJIcXb/s6
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-