General
-
Target
69394ddcb0634ded39524b5ee1eb7d49_JaffaCakes118
-
Size
16.6MB
-
Sample
240523-bdf3nsfh62
-
MD5
69394ddcb0634ded39524b5ee1eb7d49
-
SHA1
cd4963a30213fbc375a8cc718c416a059c73ea73
-
SHA256
e2ff33d9d9fa8316fc58f812d87773c5076a0918d495b172a8071f2df210ee2c
-
SHA512
57349f71dfcd5b2e14023e73a3455a9848e4b45d6f3635009fedae8477ecb0198565c5c19f1749b7626f430f9c666cd9de8ba064c6121e70c5eeef303ca90821
-
SSDEEP
393216:fALI2agjbaHMGll16Hm5pKoYjNVL8VuK9LwjeqzI:fALI2aYbaHvlP6HVYt9ZX
Malware Config
Targets
-
-
Target
69394ddcb0634ded39524b5ee1eb7d49_JaffaCakes118
-
Size
16.6MB
-
MD5
69394ddcb0634ded39524b5ee1eb7d49
-
SHA1
cd4963a30213fbc375a8cc718c416a059c73ea73
-
SHA256
e2ff33d9d9fa8316fc58f812d87773c5076a0918d495b172a8071f2df210ee2c
-
SHA512
57349f71dfcd5b2e14023e73a3455a9848e4b45d6f3635009fedae8477ecb0198565c5c19f1749b7626f430f9c666cd9de8ba064c6121e70c5eeef303ca90821
-
SSDEEP
393216:fALI2agjbaHMGll16Hm5pKoYjNVL8VuK9LwjeqzI:fALI2aYbaHvlP6HVYt9ZX
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2