General
-
Target
828dcccf669dfbe98c9f8d1ff0254634_JaffaCakes118
-
Size
9.0MB
-
Sample
240530-a6tzkagc2t
-
MD5
828dcccf669dfbe98c9f8d1ff0254634
-
SHA1
b9b01d730e1b480af62451bb7697d920ffc548f6
-
SHA256
c7b1caa06d634b5e975516c96479946e36f24b374e7fa0d43a9f4be1af10d66d
-
SHA512
54d106a418c7bd53093aaa1eaedc5bb02c06a0143316e28fd10a4fbaf592fa0ae527e79c28fea5dfe96eac8cac6c832d707717fbe4482e9b021ebedced125d1a
-
SSDEEP
196608:tmTJURmwrlwAmQaS4egz4c8hk9L6iXobxJxWobxJK:ATJq5OlXey9e3pBi
Malware Config
Targets
-
-
Target
828dcccf669dfbe98c9f8d1ff0254634_JaffaCakes118
-
Size
9.0MB
-
MD5
828dcccf669dfbe98c9f8d1ff0254634
-
SHA1
b9b01d730e1b480af62451bb7697d920ffc548f6
-
SHA256
c7b1caa06d634b5e975516c96479946e36f24b374e7fa0d43a9f4be1af10d66d
-
SHA512
54d106a418c7bd53093aaa1eaedc5bb02c06a0143316e28fd10a4fbaf592fa0ae527e79c28fea5dfe96eac8cac6c832d707717fbe4482e9b021ebedced125d1a
-
SSDEEP
196608:tmTJURmwrlwAmQaS4egz4c8hk9L6iXobxJxWobxJK:ATJq5OlXey9e3pBi
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
-
-
Target
xq_skin_blue.zip
-
Size
241KB
-
MD5
8bc2a1930298bd559fccd51e4848dedb
-
SHA1
4baed190ab302fef22faf1d9d82f1e10ef34d4a1
-
SHA256
e4a0d2f9183e23a410eff9ad58a8165e2cae1822601ad547d00f453c7d92be41
-
SHA512
9e84e817457d338ba7b87e63d7e788b910ca8fe1433fae8cdcc27d6fbe828b12df4a678f698b15715065488d6b4dddffaed837d3ef58219c1f1685247f5e8065
-
SSDEEP
3072:7hcibeflxBNupNstL2Nq15TXRzokN5lo5TRdfjkfMJJBjA5U3ww4f:FcimxBwOdzTlZ5la3kfgvz3wJf
Score1/10 -
-
-
Target
xq_skin_orange.zip
-
Size
252KB
-
MD5
5ad0e6262b34e8799ba002deb2f0ea62
-
SHA1
0e5cf70e3835c141d4ed6ca6fddec3b136f915e3
-
SHA256
dbcaf8e5acbc0f6badc27ad9a841ae285e48ccefcda8bbc7a2f2ff2777311b03
-
SHA512
17fa59aafde89c8458caadffc9cbf32028af4a1e7eaf5b693704640d4ab6d1ac8b07cf29ce081b9c7d55ce3ad0ff5e7bd5cfe8e3e88462a81b2e993bd76c8092
-
SSDEEP
6144:NAugCYAgUiTN9+033H0w5tZxPJvUCcoNC3wbs8S:mFOgBTN9J0w5tZxPFrK
Score1/10 -
-
-
Target
xq_skin_pink.zip
-
Size
243KB
-
MD5
6bce58e4e2c5fdfd7318585401991da7
-
SHA1
18d98713867d7d92ebd67108e4655a3fe38dc41c
-
SHA256
ade7a719828437732f5810244ebba0c0b0e7642eee03b1d6ea1a18dca48439a4
-
SHA512
f6b2b64ab69d5bf81d34f560152ef9cea6bd32d0af806edf8599a7e0bcbf9013db13bbb58d086a457dbe7506c8f042d766ac03a730dbcbea510eb08971a30b25
-
SSDEEP
3072:ldVFmhUr31fPISE+7Nvzoz9mKuZzt5pq/GkprpF1SZZoGsl3ww/a5+:H/mhMQ+7RXDZTfGb7l3w2ag
Score1/10 -
-
-
Target
xq_skin_red.zip
-
Size
252KB
-
MD5
f5d8e4664717b1242e610252fb050f2a
-
SHA1
b08d17f683c8e12328e8512e1de25a7e94a693d1
-
SHA256
32c9071e18057c3d8affd242e40b98316a59fe52867cd8d44754efca49d86069
-
SHA512
38756cab46644d722e6560b05107ca7e6c748bfe256a70d61053185b3a69a9f67216149d05237ee05352d1526a340330a1070ab8de5a65f60873fc7c93bd9232
-
SSDEEP
6144:ET7ashpNp+ScqcKBxv2AaMUYSnWs3wKC+XH/:ca+HcqTR9UY11B+
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2