General
-
Target
8142e957e23ebfc72f39e604be23c85c_JaffaCakes118
-
Size
2.0MB
-
Sample
240529-tczshabb2w
-
MD5
8142e957e23ebfc72f39e604be23c85c
-
SHA1
b97ac5b4faf4366d9b565941f49071d585ac0e99
-
SHA256
eeb66f9a06bf50ac5ee96c7f62b2c1ca35666d4bebcb5fea3428482176188845
-
SHA512
c590b9d331d265ebe1f46200eda9eb2ee066bb9af756de647456bd2a2ae7e4cba7edfadbd85587b27753798dede48b6ac0ebe8762e6a7a26a2fdca83678ad577
-
SSDEEP
49152:HEYOTBboDOoPvltt2xcpDVw9v8ElonkLreLHqmMwV6n8AhCoOLBF:qTYOoX92xmDVwlNTXeDABn8AhTOLBF
Malware Config
Targets
-
-
Target
8142e957e23ebfc72f39e604be23c85c_JaffaCakes118
-
Size
2.0MB
-
MD5
8142e957e23ebfc72f39e604be23c85c
-
SHA1
b97ac5b4faf4366d9b565941f49071d585ac0e99
-
SHA256
eeb66f9a06bf50ac5ee96c7f62b2c1ca35666d4bebcb5fea3428482176188845
-
SHA512
c590b9d331d265ebe1f46200eda9eb2ee066bb9af756de647456bd2a2ae7e4cba7edfadbd85587b27753798dede48b6ac0ebe8762e6a7a26a2fdca83678ad577
-
SSDEEP
49152:HEYOTBboDOoPvltt2xcpDVw9v8ElonkLreLHqmMwV6n8AhCoOLBF:qTYOoX92xmDVwlNTXeDABn8AhTOLBF
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-