General
-
Target
6f7f73934d7a33656e426ed9523e95fc_JaffaCakes118
-
Size
18.5MB
-
Sample
240524-xjqpysfc8t
-
MD5
6f7f73934d7a33656e426ed9523e95fc
-
SHA1
f12dfe313beb48c8af16937a71b03038849b4270
-
SHA256
4ada32ec81ec1d298f1afa7f2b27aa1fdb9cd5a222ee1c0afc33dc5a331f120b
-
SHA512
7695903ab8c4fd10c2efc809406467c105a494428af1ecb04e650b16cdb747ee8a2cd3db2a002ae6aaf156e2f5193dc058a436bce8d04f27c00627e18c665bfe
-
SSDEEP
393216:YM/HyhXYzSMRZeFwHyFz+8K6rxdFtT7RBmIcsdW:tDzFZeO0y8K6rnFt7RBYh
Malware Config
Targets
-
-
Target
6f7f73934d7a33656e426ed9523e95fc_JaffaCakes118
-
Size
18.5MB
-
MD5
6f7f73934d7a33656e426ed9523e95fc
-
SHA1
f12dfe313beb48c8af16937a71b03038849b4270
-
SHA256
4ada32ec81ec1d298f1afa7f2b27aa1fdb9cd5a222ee1c0afc33dc5a331f120b
-
SHA512
7695903ab8c4fd10c2efc809406467c105a494428af1ecb04e650b16cdb747ee8a2cd3db2a002ae6aaf156e2f5193dc058a436bce8d04f27c00627e18c665bfe
-
SSDEEP
393216:YM/HyhXYzSMRZeFwHyFz+8K6rxdFtT7RBmIcsdW:tDzFZeO0y8K6rnFt7RBYh
Score8/10-
Checks if the Android device is rooted.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of photos stored on the user's device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
gdtadv2.jar
-
Size
1.2MB
-
MD5
2d2dc470380474233744d9caebadd45c
-
SHA1
706f9396ea77c9376889fa44c6dac1dc43945ade
-
SHA256
f1b5383603c37ff1f91f5f2bb39b85a510b16a073b56624a72456276cd027afc
-
SHA512
a538ee7f3f20a98258d5ab91bf3d54939dc11e4fd3d0423757503d6070f36f11a2a253655e9e1fcdb38f63b7109c9626dc7a2fa32d72d1aadf30b93c98d09e3c
-
SSDEEP
24576:OlEwzyhih4gka8GZW5N7jrIT9zlNWv1N/nd2ZjPZpw/:OukRk/2QHqlNKD/ndmjPbw/
Score1/10 -