General
-
Target
81e943f671ed37ace694fa916cad0436_JaffaCakes118
-
Size
2.8MB
-
Sample
240529-zt9xpaae39
-
MD5
81e943f671ed37ace694fa916cad0436
-
SHA1
b1a6808d74b3640686e9afca82d821c4503d120f
-
SHA256
29e028d52b0a5b8e7b3d627028828cdf2e0b4ccae1dfaaeb3884cc7babbe17ce
-
SHA512
64e4421361a6171e2a864c28a3e38578fb9dad12aefeb0e0015603e4b03a623b033259e5fecce5f9a045d773c4905914581374fccd356a1fa00418652c376373
-
SSDEEP
49152:mSGVCfKa+EJNNpyCXxGc5ujWFhS8fjvBWdIRfj9XqLJdYDX1RpkyFCH+:mDC53vKCX+qvVWm1j1qL/eXHa2CH+
Malware Config
Targets
-
-
Target
81e943f671ed37ace694fa916cad0436_JaffaCakes118
-
Size
2.8MB
-
MD5
81e943f671ed37ace694fa916cad0436
-
SHA1
b1a6808d74b3640686e9afca82d821c4503d120f
-
SHA256
29e028d52b0a5b8e7b3d627028828cdf2e0b4ccae1dfaaeb3884cc7babbe17ce
-
SHA512
64e4421361a6171e2a864c28a3e38578fb9dad12aefeb0e0015603e4b03a623b033259e5fecce5f9a045d773c4905914581374fccd356a1fa00418652c376373
-
SSDEEP
49152:mSGVCfKa+EJNNpyCXxGc5ujWFhS8fjvBWdIRfj9XqLJdYDX1RpkyFCH+:mDC53vKCX+qvVWm1j1qL/eXHa2CH+
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Removes its main activity from the application launcher
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
-
-
Target
Flash-Browser.apk
-
Size
1.0MB
-
MD5
8b183c787aa69873965d24d67abeeb9a
-
SHA1
b80d5ed35d5cf7df5ebdf9169ec71dbb7a411a1b
-
SHA256
b4617f5735eec873ee271a8642c5fc29f293d2d6efc3f8504f808c5e1176816d
-
SHA512
d81b3cf096e6a89b700193389da1a792990207e1ed92f9aae54a340598c54b13db3ade1b315c342789e73e3697f5e02b40a436377ff4d4ec3823314f5c59ca1f
-
SSDEEP
24576:/SG9qt2Cfu0iusUs2RGLEJTZNrzljfUJLkHOO9t6J:/SGVCfKa+EJNNpyC6
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Reads the content of the browser bookmarks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-