General
-
Target
0ddac187bcec564906043e70ca2b6096_JaffaCakes118
-
Size
1.4MB
-
Sample
240502-h3vqpaec46
-
MD5
0ddac187bcec564906043e70ca2b6096
-
SHA1
9f017f4cb0d420a0a717a298d2416e4060f0c531
-
SHA256
5882aeba41ce45bcc23b49378baa5d0e28c774c3716cc89982492fe3075e0234
-
SHA512
3d1f3ab5c887729a5668a097c22090e3977cf4efcdbe2ce50a405a2e73dfb31486df07a978c58aa1b43bee02d99d00c7c997358acae2cd2284f8f1eb453795cd
-
SSDEEP
24576:BaVUcbzzKtd+b3V/nbGmc1+g/wQIQPlQVslGOEeRRWpbR92VNqZ7VJKC/hNzVxBc:BaVPKAMx+ywHe/0b72VNg7VJKCpNm
Malware Config
Targets
-
-
Target
0ddac187bcec564906043e70ca2b6096_JaffaCakes118
-
Size
1.4MB
-
MD5
0ddac187bcec564906043e70ca2b6096
-
SHA1
9f017f4cb0d420a0a717a298d2416e4060f0c531
-
SHA256
5882aeba41ce45bcc23b49378baa5d0e28c774c3716cc89982492fe3075e0234
-
SHA512
3d1f3ab5c887729a5668a097c22090e3977cf4efcdbe2ce50a405a2e73dfb31486df07a978c58aa1b43bee02d99d00c7c997358acae2cd2284f8f1eb453795cd
-
SSDEEP
24576:BaVUcbzzKtd+b3V/nbGmc1+g/wQIQPlQVslGOEeRRWpbR92VNqZ7VJKC/hNzVxBc:BaVPKAMx+ywHe/0b72VNg7VJKCpNm
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to to get current cell information.
-