General
-
Target
740b205fb06072d861cef02c571415b7_JaffaCakes118
-
Size
15.6MB
-
Sample
240726-plg7laxdln
-
MD5
740b205fb06072d861cef02c571415b7
-
SHA1
6af7562872fa900844d82351feac75f39e191393
-
SHA256
31dab675c9c681c78b8ba3b85ef8bd67def36b80ee1c5d6ba5dbd4d46f85e341
-
SHA512
ff8cf3227757ec86736171a2cf2306fdcbe72f3290d706adadfe6da1ae3306e7c6fa4a7714e44eed7d626f03451a6227ab1cc6bcb83004563a5e150fbabf59ae
-
SSDEEP
393216:kkGGeM9kaCSqsergnpHh+FJhu+oqNhZMY:kkYNUR8Pu+oy3
Malware Config
Targets
-
-
Target
740b205fb06072d861cef02c571415b7_JaffaCakes118
-
Size
15.6MB
-
MD5
740b205fb06072d861cef02c571415b7
-
SHA1
6af7562872fa900844d82351feac75f39e191393
-
SHA256
31dab675c9c681c78b8ba3b85ef8bd67def36b80ee1c5d6ba5dbd4d46f85e341
-
SHA512
ff8cf3227757ec86736171a2cf2306fdcbe72f3290d706adadfe6da1ae3306e7c6fa4a7714e44eed7d626f03451a6227ab1cc6bcb83004563a5e150fbabf59ae
-
SSDEEP
393216:kkGGeM9kaCSqsergnpHh+FJhu+oqNhZMY:kkYNUR8Pu+oy3
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2