General
-
Target
6f41ed0a6bcac98f036fba178457a0c3_JaffaCakes118
-
Size
4.7MB
-
Sample
240524-vv5l5sdb5s
-
MD5
6f41ed0a6bcac98f036fba178457a0c3
-
SHA1
4028b8e76b021d87725eb3b2636f0eae58972a7d
-
SHA256
5d4f5e65b571e1a4b19a829f3d7b4eb4a19ef8b0d7f6a90d33c960a39dcb2726
-
SHA512
50cbe56cee0f506ef0acb5b5b0bc618ccfe5c1bd3dfdb8f9e71d6a99d04c61273cc6281bef86354d51281ba62a239060e5a42ba8c3cef75de132cadf3d31b39f
-
SSDEEP
98304:p0jXJ6R7OTuQ44BMqr7AsJt1kRuqXWb4EaVkyw/xrzvVp:W16lkRBMq7BrkkqvE1b/FL
Malware Config
Targets
-
-
Target
6f41ed0a6bcac98f036fba178457a0c3_JaffaCakes118
-
Size
4.7MB
-
MD5
6f41ed0a6bcac98f036fba178457a0c3
-
SHA1
4028b8e76b021d87725eb3b2636f0eae58972a7d
-
SHA256
5d4f5e65b571e1a4b19a829f3d7b4eb4a19ef8b0d7f6a90d33c960a39dcb2726
-
SHA512
50cbe56cee0f506ef0acb5b5b0bc618ccfe5c1bd3dfdb8f9e71d6a99d04c61273cc6281bef86354d51281ba62a239060e5a42ba8c3cef75de132cadf3d31b39f
-
SSDEEP
98304:p0jXJ6R7OTuQ44BMqr7AsJt1kRuqXWb4EaVkyw/xrzvVp:W16lkRBMq7BrkkqvE1b/FL
Score8/10-
Checks if the Android device is rooted.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-