General
-
Target
6d0919202de2c552152b0a4359cbd103_JaffaCakes118
-
Size
17.9MB
-
Sample
240524-cmjqlahf5t
-
MD5
6d0919202de2c552152b0a4359cbd103
-
SHA1
07b1fcdaaaab9391fa324176c87910d8003fe124
-
SHA256
e030b3327031b515ebb5f44813d90f36694898b106dfa0b446e70b59fcfa5302
-
SHA512
c5f9690673441e8afd4d9cfbf7b957d46c1f86e5db904fa770655270c545673bdea9917d56b5118f26be6e7363cc63b003b03c45301e5374cc1657343cf37dee
-
SSDEEP
393216:2qjVlqgWRbfcDdLncK+r2tF9YV3K7gf/dgRRJlo:2qj3qgW1fcRLTF9Uac2RzS
Malware Config
Targets
-
-
Target
6d0919202de2c552152b0a4359cbd103_JaffaCakes118
-
Size
17.9MB
-
MD5
6d0919202de2c552152b0a4359cbd103
-
SHA1
07b1fcdaaaab9391fa324176c87910d8003fe124
-
SHA256
e030b3327031b515ebb5f44813d90f36694898b106dfa0b446e70b59fcfa5302
-
SHA512
c5f9690673441e8afd4d9cfbf7b957d46c1f86e5db904fa770655270c545673bdea9917d56b5118f26be6e7363cc63b003b03c45301e5374cc1657343cf37dee
-
SSDEEP
393216:2qjVlqgWRbfcDdLncK+r2tF9YV3K7gf/dgRRJlo:2qj3qgW1fcRLTF9Uac2RzS
Score8/10-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1