General
-
Target
6e89648cf87c5c202a725afd9e732b3b_JaffaCakes118
-
Size
11.9MB
-
Sample
240524-pq3zvsca7t
-
MD5
6e89648cf87c5c202a725afd9e732b3b
-
SHA1
8cec0b14ae19e5ac558900c35226a7575ffb70de
-
SHA256
5aa2847a3404260f92dc4abafa38e5e618e6d33ab1e2dbca9e6e254a1a4dfdf6
-
SHA512
466a74e30f48d588b0c307a271e153106ba1e615a91e3a306e940502059c44e743a9fdf86b482b2b83d1a03183088156fcf9ef7c6b0b5fb6fe6b99e9e605152f
-
SSDEEP
196608:hHF820QlR4iRszSC/AHrjSBn3UOi0fE6Z+rgGJCKWd/aIerQJTH4K/FaY1/hIXEo:hmZzksSIA3SBnE/IygGJCKU/fZJTH4tP
Malware Config
Targets
-
-
Target
6e89648cf87c5c202a725afd9e732b3b_JaffaCakes118
-
Size
11.9MB
-
MD5
6e89648cf87c5c202a725afd9e732b3b
-
SHA1
8cec0b14ae19e5ac558900c35226a7575ffb70de
-
SHA256
5aa2847a3404260f92dc4abafa38e5e618e6d33ab1e2dbca9e6e254a1a4dfdf6
-
SHA512
466a74e30f48d588b0c307a271e153106ba1e615a91e3a306e940502059c44e743a9fdf86b482b2b83d1a03183088156fcf9ef7c6b0b5fb6fe6b99e9e605152f
-
SSDEEP
196608:hHF820QlR4iRszSC/AHrjSBn3UOi0fE6Z+rgGJCKWd/aIerQJTH4K/FaY1/hIXEo:hmZzksSIA3SBnE/IygGJCKU/fZJTH4tP
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-