General
-
Target
67c5c456a19ef4ef94edf666ddcc3c91_JaffaCakes118
-
Size
16.6MB
-
Sample
240522-s511lagb6x
-
MD5
67c5c456a19ef4ef94edf666ddcc3c91
-
SHA1
9180c1a88fc45e968829c77a859483677a97fc94
-
SHA256
2660a12e02d535d2c3a8c119f7f6131ebe19ccf6ecf771b4a870eeb306a6088b
-
SHA512
40b2b935c62b4ca9b5b2b1742def4633bc7077b15f2773a81fa8d38c5516fabdb47f5c6f48b179cc4127c37c2f11f69be9897ac82122873c55d5db09c538b4cd
-
SSDEEP
393216:334RTvYoXOoWJSIFqorjyVL8VuK9LwjeqzG:33qTvYoKvPt9ZH
Malware Config
Targets
-
-
Target
67c5c456a19ef4ef94edf666ddcc3c91_JaffaCakes118
-
Size
16.6MB
-
MD5
67c5c456a19ef4ef94edf666ddcc3c91
-
SHA1
9180c1a88fc45e968829c77a859483677a97fc94
-
SHA256
2660a12e02d535d2c3a8c119f7f6131ebe19ccf6ecf771b4a870eeb306a6088b
-
SHA512
40b2b935c62b4ca9b5b2b1742def4633bc7077b15f2773a81fa8d38c5516fabdb47f5c6f48b179cc4127c37c2f11f69be9897ac82122873c55d5db09c538b4cd
-
SSDEEP
393216:334RTvYoXOoWJSIFqorjyVL8VuK9LwjeqzG:33qTvYoKvPt9ZH
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-