General
-
Target
b30966f589a57eac5d71e29628d7c942_JaffaCakes118
-
Size
14.3MB
-
Sample
240821-l4acxswdjl
-
MD5
b30966f589a57eac5d71e29628d7c942
-
SHA1
acfdf14273330cf7ba48a662e9929c37bc7e98ad
-
SHA256
4414f86c822d55961c380914e72fb46b0d2c6588cabc2889c9cf1cc1057a1909
-
SHA512
edee645d23edc9ff6403d3ce3e5d2f344a7eac80a03176b18d232946395bbccbe2826053f816ea0ef80cc07d1539dbfc9fa0d413c7b01cdb4c52f06154b863ec
-
SSDEEP
196608:LcybAOSUXCw/tWRTPKu10sTIi8YP5GO7EG+LOn2VLMfJFu4jp9L4jEwPxYE70H+V:L70MXWRLKtgGoEhVLMXuq9LwWe+XP+d
Malware Config
Targets
-
-
Target
b30966f589a57eac5d71e29628d7c942_JaffaCakes118
-
Size
14.3MB
-
MD5
b30966f589a57eac5d71e29628d7c942
-
SHA1
acfdf14273330cf7ba48a662e9929c37bc7e98ad
-
SHA256
4414f86c822d55961c380914e72fb46b0d2c6588cabc2889c9cf1cc1057a1909
-
SHA512
edee645d23edc9ff6403d3ce3e5d2f344a7eac80a03176b18d232946395bbccbe2826053f816ea0ef80cc07d1539dbfc9fa0d413c7b01cdb4c52f06154b863ec
-
SSDEEP
196608:LcybAOSUXCw/tWRTPKu10sTIi8YP5GO7EG+LOn2VLMfJFu4jp9L4jEwPxYE70H+V:L70MXWRLKtgGoEhVLMXuq9LwWe+XP+d
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
3System Checks
3