General
-
Target
63abdd0a8b1a74968bca21b224d744a9_JaffaCakes118
-
Size
16.1MB
-
Sample
240521-r5ypsshe58
-
MD5
63abdd0a8b1a74968bca21b224d744a9
-
SHA1
783a325168aded481f80132a021be14e99e68dba
-
SHA256
bb17c02c5d10986c69c7534d3aaabf4d23dc830bed028ab66e09ebaab900a580
-
SHA512
66a50ecad31e309e9d073a9c4319bb8bffde016ca590475c573ace766132913a17b3e0dd19176878601011327686cf1b597e4b21dac4cfacee8405b941b06260
-
SSDEEP
393216:3An7u4iN6EfAbAl+CKxcLXTiZfpm6YwEhMb70NFVH:K7un5f2dxcLjmUzhMaR
Malware Config
Targets
-
-
Target
63abdd0a8b1a74968bca21b224d744a9_JaffaCakes118
-
Size
16.1MB
-
MD5
63abdd0a8b1a74968bca21b224d744a9
-
SHA1
783a325168aded481f80132a021be14e99e68dba
-
SHA256
bb17c02c5d10986c69c7534d3aaabf4d23dc830bed028ab66e09ebaab900a580
-
SHA512
66a50ecad31e309e9d073a9c4319bb8bffde016ca590475c573ace766132913a17b3e0dd19176878601011327686cf1b597e4b21dac4cfacee8405b941b06260
-
SSDEEP
393216:3An7u4iN6EfAbAl+CKxcLXTiZfpm6YwEhMb70NFVH:K7un5f2dxcLjmUzhMaR
Score8/10-
Checks if the Android device is rooted.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1