General
-
Target
6e90769fb34833f2c2f41cfdcf89161a_JaffaCakes118
-
Size
15.6MB
-
Sample
240524-pyrxkadb57
-
MD5
6e90769fb34833f2c2f41cfdcf89161a
-
SHA1
0f4c6a92a61f43b503d42a9fc2456d264b281faa
-
SHA256
1f026f42884e70ff6322745e687745b8a8d6d5db788a2ec0ea2abac6eb721b73
-
SHA512
0a315f948feea2684fa1f1a90975fc9e22b4040b0478f86c12641049ecbf695e54f8fcbbc4c54370683013f1becac14f35ba34af6000f6301299c248ed12aa10
-
SSDEEP
393216:yLI1Go7ecul9nq2bfwDPABT2MozUCSJ4oHvlUszsMbTvK0:OFpcul9S62y5JveqsMb9
Malware Config
Targets
-
-
Target
6e90769fb34833f2c2f41cfdcf89161a_JaffaCakes118
-
Size
15.6MB
-
MD5
6e90769fb34833f2c2f41cfdcf89161a
-
SHA1
0f4c6a92a61f43b503d42a9fc2456d264b281faa
-
SHA256
1f026f42884e70ff6322745e687745b8a8d6d5db788a2ec0ea2abac6eb721b73
-
SHA512
0a315f948feea2684fa1f1a90975fc9e22b4040b0478f86c12641049ecbf695e54f8fcbbc4c54370683013f1becac14f35ba34af6000f6301299c248ed12aa10
-
SSDEEP
393216:yLI1Go7ecul9nq2bfwDPABT2MozUCSJ4oHvlUszsMbTvK0:OFpcul9S62y5JveqsMb9
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-