General
-
Target
2280df007ce91495cb2ebeb168fe86f2_JaffaCakes118
-
Size
615KB
-
Sample
240508-bcgb2shh8t
-
MD5
2280df007ce91495cb2ebeb168fe86f2
-
SHA1
664fb20b27bcee2eae0809ff8ea0c0a7af684069
-
SHA256
9005ba457457cbce73a7fc2b172f579eec80bf366515976e9c1fb5f8e87990ad
-
SHA512
89211f9c6bcb32bb4e8eb00246007db041d6b57af5b720c38233feeb3526134de94e868fff63c312a9c2ffe6cea077a8c6454f7e3b39b6e702aad3cc45cb7d3a
-
SSDEEP
12288:YS6muxDbAgEXa11f9yZH3L+E/U8OQ4gDFTIKn1MQWnA+Rhffmdarl:YS6muxD8gEM1fYH7F5FTJ+REa
Malware Config
Targets
-
-
Target
2280df007ce91495cb2ebeb168fe86f2_JaffaCakes118
-
Size
615KB
-
MD5
2280df007ce91495cb2ebeb168fe86f2
-
SHA1
664fb20b27bcee2eae0809ff8ea0c0a7af684069
-
SHA256
9005ba457457cbce73a7fc2b172f579eec80bf366515976e9c1fb5f8e87990ad
-
SHA512
89211f9c6bcb32bb4e8eb00246007db041d6b57af5b720c38233feeb3526134de94e868fff63c312a9c2ffe6cea077a8c6454f7e3b39b6e702aad3cc45cb7d3a
-
SSDEEP
12288:YS6muxDbAgEXa11f9yZH3L+E/U8OQ4gDFTIKn1MQWnA+Rhffmdarl:YS6muxD8gEM1fYH7F5FTJ+REa
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks Android system properties for emulator presence.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
2System Checks
2