General
-
Target
72f7d6e8ab55d5466e70635209cc0414_JaffaCakes118
-
Size
30.5MB
-
Sample
240525-xwztdseh7w
-
MD5
72f7d6e8ab55d5466e70635209cc0414
-
SHA1
69b5157708c0bc6c915a1223334836e9a59eedaf
-
SHA256
aef1362117f3c2a2c80b78e852e32b5b7d48568cf65259d1788be6aad9e37a25
-
SHA512
7a0af31df2005954c9be95e2426f282937d0b6e86b9b42581856390dc5aba50e8e358a7e4a3e4272b0642b13a079bd72cd30c870511f6f209ad7637d48b9202f
-
SSDEEP
786432:0xEU7RKoAYZJN7/jvzcviN4ze2HAPOFUun4hgRYV:rU9LvvYyuFOV
Malware Config
Targets
-
-
Target
72f7d6e8ab55d5466e70635209cc0414_JaffaCakes118
-
Size
30.5MB
-
MD5
72f7d6e8ab55d5466e70635209cc0414
-
SHA1
69b5157708c0bc6c915a1223334836e9a59eedaf
-
SHA256
aef1362117f3c2a2c80b78e852e32b5b7d48568cf65259d1788be6aad9e37a25
-
SHA512
7a0af31df2005954c9be95e2426f282937d0b6e86b9b42581856390dc5aba50e8e358a7e4a3e4272b0642b13a079bd72cd30c870511f6f209ad7637d48b9202f
-
SSDEEP
786432:0xEU7RKoAYZJN7/jvzcviN4ze2HAPOFUun4hgRYV:rU9LvvYyuFOV
Score8/10-
Checks if the Android device is rooted.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-