General
-
Target
625cb702476486e20e7d86d3616cc79c_JaffaCakes118
-
Size
728KB
-
Sample
240521-hebmxabf8x
-
MD5
625cb702476486e20e7d86d3616cc79c
-
SHA1
46c3e3a4d41ec933169c257b67a77a013f9249b9
-
SHA256
d322d9e216c5479453051cc3d96927efc827c8e0ca6de62a6963c2dee4760e30
-
SHA512
5555c3ce8b4fb2478e3e622cc4b8f091ace4fc8cb14137cfb36056220af652671057f4a3821f29f2a9a63e33c6dde96168bbe6c87053ae7e093649a88a8c48a6
-
SSDEEP
12288:4IxKDEZXz+P96X3a86Df4nUErWZHYbnPYGoPG+4ta6Zv:4IxKU6P96X3pUPHYbnP/Y4v
Malware Config
Targets
-
-
Target
625cb702476486e20e7d86d3616cc79c_JaffaCakes118
-
Size
728KB
-
MD5
625cb702476486e20e7d86d3616cc79c
-
SHA1
46c3e3a4d41ec933169c257b67a77a013f9249b9
-
SHA256
d322d9e216c5479453051cc3d96927efc827c8e0ca6de62a6963c2dee4760e30
-
SHA512
5555c3ce8b4fb2478e3e622cc4b8f091ace4fc8cb14137cfb36056220af652671057f4a3821f29f2a9a63e33c6dde96168bbe6c87053ae7e093649a88a8c48a6
-
SSDEEP
12288:4IxKDEZXz+P96X3a86Df4nUErWZHYbnPYGoPG+4ta6Zv:4IxKU6P96X3pUPHYbnP/Y4v
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks Android system properties for emulator presence.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
3System Checks
3