General
-
Target
a1eb2adc5bdf473a3a7634347db93cf1_JaffaCakes118
-
Size
1.6MB
-
Sample
240817-kt2hzszhmp
-
MD5
a1eb2adc5bdf473a3a7634347db93cf1
-
SHA1
c843049a9bca53432217a93437e20987a726bade
-
SHA256
7d6139211468db9e57b2638af316de50c696f2dbe3f2e4db243fbae4b63e0cde
-
SHA512
a63a6c7b59b0a800c037581e34eb001a3ddb399d78c3e0b38f55ba8148a7181e5161d31d26d029d322da2ec28b554a5958cc7f947e6d6cbee356fe1a656e7d90
-
SSDEEP
24576:vWJRmtMRnguiei22mhJyaOMoruQDBDWTnfrK3I5C0DR/V+CDjORXMWp4poK1FQc:OyWguie2mhE8JfrK3I5fhDSRXt6Yc
Malware Config
Targets
-
-
Target
a1eb2adc5bdf473a3a7634347db93cf1_JaffaCakes118
-
Size
1.6MB
-
MD5
a1eb2adc5bdf473a3a7634347db93cf1
-
SHA1
c843049a9bca53432217a93437e20987a726bade
-
SHA256
7d6139211468db9e57b2638af316de50c696f2dbe3f2e4db243fbae4b63e0cde
-
SHA512
a63a6c7b59b0a800c037581e34eb001a3ddb399d78c3e0b38f55ba8148a7181e5161d31d26d029d322da2ec28b554a5958cc7f947e6d6cbee356fe1a656e7d90
-
SSDEEP
24576:vWJRmtMRnguiei22mhJyaOMoruQDBDWTnfrK3I5C0DR/V+CDjORXMWp4poK1FQc:OyWguie2mhE8JfrK3I5fhDSRXt6Yc
Score7/10-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Requests dangerous framework permissions
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2