General
-
Target
00ebb1ce03a2fccb467429d77b55095c_JaffaCakes118
-
Size
13.9MB
-
Sample
240426-q9vchadf91
-
MD5
00ebb1ce03a2fccb467429d77b55095c
-
SHA1
162e61b55d36d3a6b8e54a95aff4605679d6b1fd
-
SHA256
68dfed82b467f735b4a8d25fd14fad286e9074742fbb5980bd8b6a26dd92d61e
-
SHA512
993b66382fa25f6b7119c94c9bf975f5557df6807a2c81cb400b8a6a14dd74ad3576ca235b25117e2682725c6802823398cffa51dcb909f01b9ce510ff4b5245
-
SSDEEP
393216:ELszlmlDN7hy62vCuklymFnPVAMGHRK+MX:ELsENVC5klymFnPmRgX
Malware Config
Targets
-
-
Target
00ebb1ce03a2fccb467429d77b55095c_JaffaCakes118
-
Size
13.9MB
-
MD5
00ebb1ce03a2fccb467429d77b55095c
-
SHA1
162e61b55d36d3a6b8e54a95aff4605679d6b1fd
-
SHA256
68dfed82b467f735b4a8d25fd14fad286e9074742fbb5980bd8b6a26dd92d61e
-
SHA512
993b66382fa25f6b7119c94c9bf975f5557df6807a2c81cb400b8a6a14dd74ad3576ca235b25117e2682725c6802823398cffa51dcb909f01b9ce510ff4b5245
-
SSDEEP
393216:ELszlmlDN7hy62vCuklymFnPVAMGHRK+MX:ELsENVC5klymFnPmRgX
Score7/10-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-