General
-
Target
68472a9bdee8666470755f320eeec906_JaffaCakes118
-
Size
31.9MB
-
Sample
240522-xmgw8ach75
-
MD5
68472a9bdee8666470755f320eeec906
-
SHA1
43c1eea8521c610853a48e1d86799e4cfe7ace92
-
SHA256
08badbd398f68eeaeeb808c1fa3b7ae584d27d4021874fd96902b25068e25838
-
SHA512
e683e11bb6fe75a3d452f50fde5e1eeca3bd81a54486ce02657f1500bf38f2cfb3e1f7179861f85a9c302e23df6026f3cc837abd9cd3bc0ce9e38e6db543bc1d
-
SSDEEP
786432:UGUoXl7BanpkegpiJ5xfV7rprBC/gzZkJjXsMAgYblba:VBV7BuKegoJDfVnpcgzwsM6ba
Malware Config
Targets
-
-
Target
68472a9bdee8666470755f320eeec906_JaffaCakes118
-
Size
31.9MB
-
MD5
68472a9bdee8666470755f320eeec906
-
SHA1
43c1eea8521c610853a48e1d86799e4cfe7ace92
-
SHA256
08badbd398f68eeaeeb808c1fa3b7ae584d27d4021874fd96902b25068e25838
-
SHA512
e683e11bb6fe75a3d452f50fde5e1eeca3bd81a54486ce02657f1500bf38f2cfb3e1f7179861f85a9c302e23df6026f3cc837abd9cd3bc0ce9e38e6db543bc1d
-
SSDEEP
786432:UGUoXl7BanpkegpiJ5xfV7rprBC/gzZkJjXsMAgYblba:VBV7BuKegoJDfVnpcgzwsM6ba
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-