General
-
Target
6cde0887af4f517ac5e2c11442dd4f3b_JaffaCakes118
-
Size
18.5MB
-
Sample
240524-bfmm8sfe9s
-
MD5
6cde0887af4f517ac5e2c11442dd4f3b
-
SHA1
ca5c51bed18f03f2de961b8e193c6c3dad7f220b
-
SHA256
7109fd4584037dac8ba8b086ae5567845afdf265b8a76acb068322895124ed4f
-
SHA512
6b688f8f62237d39d9f15cf87784e191685a676c169a80d12d22c9a4e3a398acd6b852f2e89b476fca328d4528aef4ffb789640856ea373640190a79ae707d5d
-
SSDEEP
393216:ff0/LFwKzWc3hoLES+DO4s4ljDOCtdLodZQCwHlmAc2HiUbxAA:f8/LtRv1np/5odZvwHc/2dbxAA
Malware Config
Targets
-
-
Target
6cde0887af4f517ac5e2c11442dd4f3b_JaffaCakes118
-
Size
18.5MB
-
MD5
6cde0887af4f517ac5e2c11442dd4f3b
-
SHA1
ca5c51bed18f03f2de961b8e193c6c3dad7f220b
-
SHA256
7109fd4584037dac8ba8b086ae5567845afdf265b8a76acb068322895124ed4f
-
SHA512
6b688f8f62237d39d9f15cf87784e191685a676c169a80d12d22c9a4e3a398acd6b852f2e89b476fca328d4528aef4ffb789640856ea373640190a79ae707d5d
-
SSDEEP
393216:ff0/LFwKzWc3hoLES+DO4s4ljDOCtdLodZQCwHlmAc2HiUbxAA:f8/LtRv1np/5odZvwHc/2dbxAA
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
-
-
Target
rootv.pkg
-
Size
8.0MB
-
MD5
fe13df0de6c7c98a98f4f977f3e57d97
-
SHA1
02fd0c76727540f3553885a07f4d3acf4e2b64d8
-
SHA256
41c3b603e31fb9da5203f5223aa64692bfddfe96a1f3ce3e00227257e22d85d8
-
SHA512
5298cbd0bffaa0c56e7445c1af13b9d9e7cf50c6728846faae05674ece185157f9cea783c67fbba55b45183a0a931a52d01bacfafce58c548db4cb842e6b745d
-
SSDEEP
196608:DYRIxUAA4fqrUOqRwUA7pjn9swhTq7VzGdGtdO2VWflQxfFTjne0mzIWfkifO5:DXPAwwvj9Dh+7OYjVAlQxfFT1mFO5
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-