General
-
Target
8b68561e136f032d0458f65069b4aba7_JaffaCakes118
-
Size
1.7MB
-
Sample
240601-xe3tqacc75
-
MD5
8b68561e136f032d0458f65069b4aba7
-
SHA1
a9de62958202dc74c177b6d20764566667ff7f22
-
SHA256
9b1e22e09241e981d2266d66d57925e014f735b1a39b220fa8f486da8642bc04
-
SHA512
5ef0eac398e6c371797aa70f6ff2ab516c0a07686ccd3e472249c5726bdd79b9b211d120ff671987a71991f66a9ce634bef02dadad4123b5630a2c7ef6c74249
-
SSDEEP
24576:g0DR/V+CDj54msGET8tguoYMvxfIWVn9vZ1IKxydIu9aP6HhSyZY0xTCYv5YI2Gw:1hDumsGZQPxfzYdIugCHhSsTCfUsN
Malware Config
Targets
-
-
Target
8b68561e136f032d0458f65069b4aba7_JaffaCakes118
-
Size
1.7MB
-
MD5
8b68561e136f032d0458f65069b4aba7
-
SHA1
a9de62958202dc74c177b6d20764566667ff7f22
-
SHA256
9b1e22e09241e981d2266d66d57925e014f735b1a39b220fa8f486da8642bc04
-
SHA512
5ef0eac398e6c371797aa70f6ff2ab516c0a07686ccd3e472249c5726bdd79b9b211d120ff671987a71991f66a9ce634bef02dadad4123b5630a2c7ef6c74249
-
SSDEEP
24576:g0DR/V+CDj54msGET8tguoYMvxfIWVn9vZ1IKxydIu9aP6HhSyZY0xTCYv5YI2Gw:1hDumsGZQPxfzYdIugCHhSsTCfUsN
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Requests dangerous framework permissions
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
1System Checks
1