General
-
Target
670fb510cbcd5ce864020e049d5bff6a_JaffaCakes118
-
Size
13.7MB
-
Sample
240522-naxx8scg2w
-
MD5
670fb510cbcd5ce864020e049d5bff6a
-
SHA1
f3c26ad3eae4825ab5b17b2e6b87ce781736f4f6
-
SHA256
d004b19a9c60d13ab65ea697b7932499f4f510973d15f678bbf4a1be84c9f768
-
SHA512
dba9b05935b4cb8cb41b7a888c80c98f8f0d296f78d58fb3f90ef6cd82dfb28aec400cc82b0893e2face3423c5d3520dc25f06124854ff26581f691242d1c892
-
SSDEEP
393216:zOfzI6WHGrXt+em3eRxZNjR7VQ+5cFXNXQbAXmlh:zOfCHGjpm3eRxPjRW+OXZQbAWz
Behavioral task
behavioral1
Sample
670fb510cbcd5ce864020e049d5bff6a_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Malware Config
Extracted
joker
http://open.weixin.qq.com/connect/sdk/qrconnect?appid=%s&noncestr=%s&timestamp=%s&scope=%s&signature=%s
http://wke.openspeech.cn/wakeup/
https://mobilegw.alipay.com/mgw.htm
Targets
-
-
Target
670fb510cbcd5ce864020e049d5bff6a_JaffaCakes118
-
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Checks the presence of a debugger
-