General
-
Target
06801922e51f9599b3f78a19c7be469c_JaffaCakes118
-
Size
602KB
-
Sample
240429-bphqmsed71
-
MD5
06801922e51f9599b3f78a19c7be469c
-
SHA1
4104aa1fe43314df19b61165af1d6da2941778a4
-
SHA256
28ff56f012a5a2f3d9484483f7e101cd779a16dc40ca55134b942278dc0c7e6f
-
SHA512
811fa3114754939e52383dcae81ecb5a79ce0410068ac37f645a4f583961beeeeab87c0b2c2cf2a022e98c69cbd90c1c20f7c1840276ea344d2564138f9f93a4
-
SSDEEP
12288:IEaFZvkGGNUuWW1NVwCKn6GAx1d9H1BY+0aTBpqSol2KpEhpX79w:IEaFmFN9v46flH72wOSoMK69w
Malware Config
Targets
-
-
Target
06801922e51f9599b3f78a19c7be469c_JaffaCakes118
-
Size
602KB
-
MD5
06801922e51f9599b3f78a19c7be469c
-
SHA1
4104aa1fe43314df19b61165af1d6da2941778a4
-
SHA256
28ff56f012a5a2f3d9484483f7e101cd779a16dc40ca55134b942278dc0c7e6f
-
SHA512
811fa3114754939e52383dcae81ecb5a79ce0410068ac37f645a4f583961beeeeab87c0b2c2cf2a022e98c69cbd90c1c20f7c1840276ea344d2564138f9f93a4
-
SSDEEP
12288:IEaFZvkGGNUuWW1NVwCKn6GAx1d9H1BY+0aTBpqSol2KpEhpX79w:IEaFmFN9v46flH72wOSoMK69w
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks Android system properties for emulator presence.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-