General
-
Target
6e5bb4340cdcd5140743f1a7c58ca214_JaffaCakes118
-
Size
18.6MB
-
Sample
240524-nlw53sfb21
-
MD5
6e5bb4340cdcd5140743f1a7c58ca214
-
SHA1
5c10b057c83b55fa8e678b8620725d85359b3e15
-
SHA256
cc25c7b03025441ab663cb362c8376662ba5cbeed430ce5e5dc37c8d2cb9f2fd
-
SHA512
a22c171439b4856868151553cc16979f0ea5470ce30b703761bca32fcafdaa5f245b194cc2d37cedf20305a0558f501dbbbc006a1556beb9e510b6209c42c772
-
SSDEEP
393216:XGMTcIFk8lm6EOGrbHUbJSK5WK000SKmulC6OcYx31lP:2ccIFk8sOG/u5WxmWCXzj
Malware Config
Targets
-
-
Target
6e5bb4340cdcd5140743f1a7c58ca214_JaffaCakes118
-
Size
18.6MB
-
MD5
6e5bb4340cdcd5140743f1a7c58ca214
-
SHA1
5c10b057c83b55fa8e678b8620725d85359b3e15
-
SHA256
cc25c7b03025441ab663cb362c8376662ba5cbeed430ce5e5dc37c8d2cb9f2fd
-
SHA512
a22c171439b4856868151553cc16979f0ea5470ce30b703761bca32fcafdaa5f245b194cc2d37cedf20305a0558f501dbbbc006a1556beb9e510b6209c42c772
-
SSDEEP
393216:XGMTcIFk8lm6EOGrbHUbJSK5WK000SKmulC6OcYx31lP:2ccIFk8sOG/u5WxmWCXzj
Score8/10-
Checks if the Android device is rooted.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Requests cell location
Uses Android APIs to to get current cell information.
-