General
-
Target
b55c419e70a3488a89195241221b7d55_JaffaCakes118
-
Size
21.3MB
-
Sample
240616-1mxt8azblf
-
MD5
b55c419e70a3488a89195241221b7d55
-
SHA1
6dd20702cdd74715b153fd4d35382e0ed985f4f0
-
SHA256
e018ac1caefa001e420455e666a81fa562257af3fe4340ec8cdf9e18e5b1512a
-
SHA512
0bb7379fd0e9ab6542ebf5ddd23844de9c1385a6fd41f06751fc6f13e1067ced1ab791cb81b19000c7548e91110091bf7cf2a27a344cbae524e2eff93a7559ff
-
SSDEEP
393216:PrhIgGPpyeIn9jihfegblBuhLKNwMxtYhf4wYVh87lfX8Vd9zDA7yjpT1qukiOhN:jhIgGPpxIBi4gZBuhLKNwLf4w3729zDK
Static task: static1
Behavioral task: behavioral1 | Sample: b55c419e70a3488a89195241221b7d55_JaffaCakes118.apk | Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2 | Sample: cast-receiver.apk | Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral3 | Sample: dyload-booter.apk | Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral4 | Sample: dyload-booter.apk | Resource: android-x64-20240611.1-en
Behavioral task: behavioral5 | Sample: dyload-booter.apk | Resource: android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
b55c419e70a3488a89195241221b7d55_JaffaCakes118
Score: 7/10
-
Checks Android system properties for emulator presence.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
-
-
Target
cast-receiver.apk
-
Size
6.0MB
-
MD5
6ff6f8db3bad2360c59941adf7f9d4ca
-
SHA1
2d1d5f802275bf204c6650f6a6493b9f42ea0e42
-
SHA256
345c7c9940c3b911ed5bc5f88708ff7d541ce68a761134fc56678302f5402eef
-
SHA512
c8b2a94d64f972a497ef1a6d93be662bbb748d202fa4362025e2a58ac361941cca6a1c5cc833928fb9a021a2254393e3dc661ca69627a69352b9ae27c0ef22cc
-
SSDEEP
98304:6TAZRpXmb9EFuZCxeDt10L5rZDILa/LrF2AL0YmPqLd6x71W9WMzQO6yAMBnAb:XZRp+ugZ70NrZDI8NGR1rTpyBu
Score: 1/10
-
-
Target
dyload-booter.apk
-
Size
45KB
-
MD5
bda323a98eafd74b36f0d55f18e80459
-
SHA1
03af7d6f9db9d0ca0418776868ca767929451add
-
SHA256
c45b4d8357d9ca2566745008e26848c736d9ae75726c0bb8b538c23571a2bd1c
-
SHA512
d944daf94c94cbf25d45dd4ebbf66735d373c64799938f4c3eed5eb1f4d6a0d8042cc331120377d2a6aab435bf242fedc96e82bf49237fdb18adf7b9d3ebacee
-
SSDEEP
768:sXGkO9eLt3KWtvzEEI0Jmb+gCvWtHqEOQKqvQS0JKRviCKP9r6fa6nW4qSvJL:z9eB3HANXb+2MVQhQS0JKRv89rOnLL
Score: 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 3
System Checks: 3