General
-
Target
2a8e0fcd3332ef0583a7557fd9bb8838_JaffaCakes118
-
Size
11.2MB
-
Sample
240509-sj5fwsbb49
-
MD5
2a8e0fcd3332ef0583a7557fd9bb8838
-
SHA1
0f81a61f37b7cf13323ec98af722a9a312f63649
-
SHA256
ea22884a32fd053be5b63eb02e416d84d7a822c692c5515adae29778f1feb1cb
-
SHA512
a8a6dc1fd0cf4b0b88ef3551acc6ba7c5dbe06ad98623d98be7fb33d32d92792e7e3b61a7348e359ba57fd7a61984d9c207689527ca1c377d77e859124a25065
-
SSDEEP
196608:KXy1Clb03Mv1fqZD23AKiL6djy7EvdpDKvQBw//6TswSTPNSkE5D15S1j7FHDh/T:KX5bbAZ+AbL6FVpvI6TYTPQ3XeZH2zI
Malware Config
Targets
-
-
Target
2a8e0fcd3332ef0583a7557fd9bb8838_JaffaCakes118
-
Size
11.2MB
-
MD5
2a8e0fcd3332ef0583a7557fd9bb8838
-
SHA1
0f81a61f37b7cf13323ec98af722a9a312f63649
-
SHA256
ea22884a32fd053be5b63eb02e416d84d7a822c692c5515adae29778f1feb1cb
-
SHA512
a8a6dc1fd0cf4b0b88ef3551acc6ba7c5dbe06ad98623d98be7fb33d32d92792e7e3b61a7348e359ba57fd7a61984d9c207689527ca1c377d77e859124a25065
-
SSDEEP
196608:KXy1Clb03Mv1fqZD23AKiL6djy7EvdpDKvQBw//6TswSTPNSkE5D15S1j7FHDh/T:KX5bbAZ+AbL6FVpvI6TYTPQ3XeZH2zI
Score7/10-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests dangerous framework permissions
-
-
-
Target
PandaHome2.mp3
-
Size
6.4MB
-
MD5
5011f55af38c92dacf828ebcec5661b5
-
SHA1
8cdd71a6b2ff882cdad7417fde86ffdd10c56e54
-
SHA256
53960318a44827dd37509209d22e22202e39e3b045308ed8771517853cbabe78
-
SHA512
707051b5c09283494da411d0ed88c83cfe2fad65523358f37ceb56e26820b95ab52fe60a9fb3a6ea443ff20071a651e0c4398c11353b468bc631c1f6c88e67b5
-
SSDEEP
196608:JXy1Clb03Mv1fqZD23AKiL6djy7EvdpDKvQBw//6TswSTPNSkE5DL:JX5bbAZ+AbL6FVpvI6TYTPQ3L
Score7/10-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Changes the wallpaper (common with ransomware activity)
-
-
-
Target
com.nd.hilauncherdev.search.inapp_V_1_M_c4c280be9b982c391d9f0350d13de4cc.jar
-
Size
188KB
-
MD5
0bc96bbe01853143b1b48abcfd88da3f
-
SHA1
92ce1baf9248ff57213a2aaf31881bba1931374e
-
SHA256
144a265192f34c967c55fc696a54fa2ade2f67852521aa085b1f4ca1d9b6f982
-
SHA512
840779490ee48cc3ee652c8fbe56ed2a8856c19da6fd6e19177595cec05eed0a7ff9b3c3797d4a97331096ebc16c6413f9aedb2c2e7d9a28871336d6e4c7e0f8
-
SSDEEP
3072:iqGvWFDqMdG68KxY1suBo9oq1tg+2U0F7E4SAM7nl:cWFDQr1suBo9rG+J0Gll
Score7/10-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
-
-
Target
nd.jar
-
Size
3KB
-
MD5
330e5a7a65f3d6593b4e3693cb6b581a
-
SHA1
97ed25af93827667740ddc0f5f20efaa0db79f2f
-
SHA256
effd679a8cfef061b537814b41f2733a9785d80d1d11f8c61216a78b35c747ca
-
SHA512
3b2234d683cfbfde304d23150678595076eff41c691269dfc0d1d035b784113879e84d19ec732b257ea2146b4170edda2d8ece79449c2a33d948d0ae4e777328
Score1/10 -