General
-
Target
b3c7051fe4d998ed7edf215eb7571f55_JaffaCakes118
-
Size
28.5MB
-
Sample
240616-qv9hwayhlm
-
MD5
b3c7051fe4d998ed7edf215eb7571f55
-
SHA1
47746ca1ef3b1ba29d1512c3a56570a7ae191d3a
-
SHA256
129878bbc7b9794ce42b9c20c51a5f78f6e1436422a46f26b308bbad56b53bb5
-
SHA512
2151a6016318c954e9d2a8a0a8a3781448207a1fab9c01d42c2f615592ea359a02b56c65c4bf3bfce210a9b2adc6d11ff2084236529704dd57a9c97a8b560f20
-
SSDEEP
786432:NR5JzHJShkC1zm2NzEUPRZl8Pu+oyFbrf0P3:NTJzokC1zmIPPuPOyFbrsP3
Malware Config
Targets
-
-
Target
b3c7051fe4d998ed7edf215eb7571f55_JaffaCakes118
-
Size
28.5MB
-
MD5
b3c7051fe4d998ed7edf215eb7571f55
-
SHA1
47746ca1ef3b1ba29d1512c3a56570a7ae191d3a
-
SHA256
129878bbc7b9794ce42b9c20c51a5f78f6e1436422a46f26b308bbad56b53bb5
-
SHA512
2151a6016318c954e9d2a8a0a8a3781448207a1fab9c01d42c2f615592ea359a02b56c65c4bf3bfce210a9b2adc6d11ff2084236529704dd57a9c97a8b560f20
-
SSDEEP
786432:NR5JzHJShkC1zm2NzEUPRZl8Pu+oyFbrf0P3:NTJzokC1zmIPPuPOyFbrsP3
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2