General
-
Target
3f9dc7b9a5dfb4648c23b86f5c4403ee_JaffaCakes118
-
Size
16.9MB
-
Sample
240513-qa7hsaff8x
-
MD5
3f9dc7b9a5dfb4648c23b86f5c4403ee
-
SHA1
5ee951241e19a631ef4916ccde2a623ee1c52cbb
-
SHA256
c634523e43959b08ddd2d87df811086889b6ab375c62fbfd8caeefe4688ffecd
-
SHA512
47533674ddaf145f23426f300ded8fb14c466c022aacaa5792abd3cd41e34f929fa5697e9f1080f4d7edc2d3e38d8c59ab96b8caf7fda9eb03697c10f800c536
-
SSDEEP
393216:ejfJLn8mNDIAg8z9Ohcau76U18G7hdoboG9OwyC0oeItHTpKSCUWk:ejfJ78myAghcHBm2hab5T30ontpKSCq
Malware Config
Targets
-
-
Target
3f9dc7b9a5dfb4648c23b86f5c4403ee_JaffaCakes118
-
Size
16.9MB
-
MD5
3f9dc7b9a5dfb4648c23b86f5c4403ee
-
SHA1
5ee951241e19a631ef4916ccde2a623ee1c52cbb
-
SHA256
c634523e43959b08ddd2d87df811086889b6ab375c62fbfd8caeefe4688ffecd
-
SHA512
47533674ddaf145f23426f300ded8fb14c466c022aacaa5792abd3cd41e34f929fa5697e9f1080f4d7edc2d3e38d8c59ab96b8caf7fda9eb03697c10f800c536
-
SSDEEP
393216:ejfJLn8mNDIAg8z9Ohcau76U18G7hdoboG9OwyC0oeItHTpKSCUWk:ejfJ78myAghcHBm2hab5T30ontpKSCq
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1