General
-
Target
6a97906b717aeb8372cba9e43c8d0ab0_JaffaCakes118
-
Size
31.8MB
-
Sample
240523-l52hsscg32
-
MD5
6a97906b717aeb8372cba9e43c8d0ab0
-
SHA1
7e33738315a7a2fe681c256eb501b9185ff3d668
-
SHA256
7a3585f9ba8f367bc90fe3348ae3f72d577a75067146ec6965958d8be94c1744
-
SHA512
3243de59ef0220c3d260ed4dc6ed5973a092e3675054393b50f9013010c3dc417994387cec641357a4eb2456b3b633f043a75b5f81bb565d75095e9706e4ca4d
-
SSDEEP
786432:8S/CD/fwUHoFBa2zb40EBT4awAis5NNGiT9QhKiJ03lwLCDJEq02vhNB11+:8nD3wRBa2zbqJ4rA9lGA2hKYwwLmC2vQ
Malware Config
Targets
-
-
Target
6a97906b717aeb8372cba9e43c8d0ab0_JaffaCakes118
-
Size
31.8MB
-
MD5
6a97906b717aeb8372cba9e43c8d0ab0
-
SHA1
7e33738315a7a2fe681c256eb501b9185ff3d668
-
SHA256
7a3585f9ba8f367bc90fe3348ae3f72d577a75067146ec6965958d8be94c1744
-
SHA512
3243de59ef0220c3d260ed4dc6ed5973a092e3675054393b50f9013010c3dc417994387cec641357a4eb2456b3b633f043a75b5f81bb565d75095e9706e4ca4d
-
SSDEEP
786432:8S/CD/fwUHoFBa2zb40EBT4awAis5NNGiT9QhKiJ03lwLCDJEq02vhNB11+:8nD3wRBa2zbqJ4rA9lGA2hKYwwLmC2vQ
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
-
-
Target
bdxadsdk.jar
-
Size
85KB
-
MD5
33d29faa7d49af349942a7005f7c19d5
-
SHA1
a80e3ec3ce3b7a7a561b0c37642e9a33700d6a38
-
SHA256
0c51612ef512f40890a61bb43a82d75be042bb81e777256ce65434dafe0a8d12
-
SHA512
0095beb08d9de9bf53e22b5e19492c3b2dac97d35667c9b7d1740d188c816dbcb32d9eb28a49e0f1e5c0ec546d7e448e2471852fc716fd1a3107d05d9bea67e2
-
SSDEEP
1536:Svc+ZnAgFdQZNkbxjvVqepTNioTYX0ZNCou5yvZWvOcrR0ps/nwXlS3oMlAz3SIB:S9zkZ2NqepTNlPooKOcr2pFVMkC8
Score1/10 -
-
-
Target
gdtadv2.jar
-
Size
149KB
-
MD5
5bbd4987057c6aa8f1992d72206c68a9
-
SHA1
3a2b6dae68dce8239f680c2684c648238bc1bf36
-
SHA256
2a7fea6e019debe6a0b0c8a5bff40a0451133d3f122d3bcb8f28aed615c50539
-
SHA512
ec138779d809f32ffe54998314263546f630fef799bb3cbf61fd494706724a3f756e0b3a5e721765b121a053b56cbe3e39f8edd09c17cae8289d677f9c4b8f73
-
SSDEEP
3072:s9ECghK7Pic1Oy3c/obh2acQZD8+jb1gUKno8+l7kSVi:sig7KijlbhncQ58CCUKolkSM
Score1/10 -