General
-
Target
00366a7f4388f8ab79c2d07e39b2f98c_JaffaCakes118
-
Size
29.8MB
-
Sample
240426-hhn3eaba89
-
MD5
00366a7f4388f8ab79c2d07e39b2f98c
-
SHA1
e53d52880eae865056eae7b8a50d72467130187b
-
SHA256
a5f4e9e7e4c69397e1f2848668f369bb852693aca8ac40e92d9301d548fbf5f4
-
SHA512
3f10cb65438cf02de60691f284d7636340963c0bb8817ed58203f165e0bc5ed42c84d6b0a1655f1692589de9b834cd0daa3b15008dc3462364743dc694e578c9
-
SSDEEP
786432:gWxDKwdWMsv4IqibFt5FiMdfmxY2G9hlErwzlmM9:ZDKwdWzUWiMdfmyfWrmlmM9
Malware Config
Targets
-
-
Target
00366a7f4388f8ab79c2d07e39b2f98c_JaffaCakes118
-
Size
29.8MB
-
MD5
00366a7f4388f8ab79c2d07e39b2f98c
-
SHA1
e53d52880eae865056eae7b8a50d72467130187b
-
SHA256
a5f4e9e7e4c69397e1f2848668f369bb852693aca8ac40e92d9301d548fbf5f4
-
SHA512
3f10cb65438cf02de60691f284d7636340963c0bb8817ed58203f165e0bc5ed42c84d6b0a1655f1692589de9b834cd0daa3b15008dc3462364743dc694e578c9
-
SSDEEP
786432:gWxDKwdWMsv4IqibFt5FiMdfmxY2G9hlErwzlmM9:ZDKwdWzUWiMdfmyfWrmlmM9
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
huajiao_plugin_liaoqiuba.apk
-
Size
9.6MB
-
MD5
89d8722c0ba5559b970c7cf966e9ebf6
-
SHA1
81ed8dc32c4b83ecba15a23a4c129fac00cffd09
-
SHA256
0f03269bee24c5621da17f2fb816d12082bb4a281d97a3d10547027bd2c36d4d
-
SHA512
c970983a96d2bf4735bd27f48e7f73888f04a6ab933fa219ec2054907ea4ff832f609a2d65fd7ef5c61e6c6053c76f51dd105eb244e6589780d91c9dcbffc2d5
-
SSDEEP
196608:TDHGZEhKmPDAASJxkKwdWP6Q1gu3Dr2SyV0iBUKGLB/Psg1hdW:PCWKmPPjKwdWyBsv40rnLBX3E
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
global.jar
-
Size
246KB
-
MD5
2e5ad43a3e4f2a4a28271a482a28fda7
-
SHA1
97d5b3e74edf4144625c5fc9d51ba5ff4416b7b4
-
SHA256
1f04143818afafb8c36185cf0142e4f2a569e237d56d00d46be93b980525a09c
-
SHA512
536cf280e7bf0acc0e04d83761ebf6089d7e2f25f7dc19cc5db0f0006c8f7790f217090daa537c52167357b24ae71457c4409102622c4864ac4c2592a47f5972
-
SSDEEP
6144:PXIiV65MsYAgp/q7bCtJ8/UieNjW2JYaaJ6UMELQ:PXxrsd7uUU7NqCC7Q
Score1/10 -