General
-
Target
246497a50586703fe1b19858946d0998_JaffaCakes118
-
Size
30.8MB
-
Sample
240508-mdbzhaff4v
-
MD5
246497a50586703fe1b19858946d0998
-
SHA1
854762a7dec7f3fba875e3173ba5b3456aa10df3
-
SHA256
aeacd50cf503033b844c1d556830e23067a9af8e05f79d3a9448e2fc2835190f
-
SHA512
2ff6b858836795f5970bf667a9e734da96dccfd2df68484a56bb7ac5d1464694a6a1c0e27c67703c765d5298c3dd157a1378c729d1e18a98148b806601edf792
-
SSDEEP
786432:AyqW7k8Vjuekf1Gi+cqA59rXodRZ12nzS7P5Thbrf0PD:TI8Vjlkf1S0Xkd52nzcbrsPD
Malware Config
Extracted
joker
https://open.weixin.qq.com/connect/sdk/qrconnect?appid=%s&noncestr=%s×tamp=%s&scope=%s&signature=%s
Targets
-
-
Target
246497a50586703fe1b19858946d0998_JaffaCakes118
-
Size
30.8MB
-
MD5
246497a50586703fe1b19858946d0998
-
SHA1
854762a7dec7f3fba875e3173ba5b3456aa10df3
-
SHA256
aeacd50cf503033b844c1d556830e23067a9af8e05f79d3a9448e2fc2835190f
-
SHA512
2ff6b858836795f5970bf667a9e734da96dccfd2df68484a56bb7ac5d1464694a6a1c0e27c67703c765d5298c3dd157a1378c729d1e18a98148b806601edf792
-
SSDEEP
786432:AyqW7k8Vjuekf1Gi+cqA59rXodRZ12nzS7P5Thbrf0PD:TI8Vjlkf1S0Xkd52nzcbrsPD
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-