General
-
Target
d2a5238060219037c3728de9f4304d82_JaffaCakes118
-
Size
788KB
-
Sample
240907-xvbp6szcpm
-
MD5
d2a5238060219037c3728de9f4304d82
-
SHA1
4c7b1a0a091873d8999a5e20b469c89005d46259
-
SHA256
cb4c4366780dd0c8f1723a77c911ca72dc5f921cf215fc9ffc60a6b18b357387
-
SHA512
ed0946321ebbe56eb8affdc6cb6ec5bb2f705a1aaed3c2f06ca20776c90864ba02c6de2c6dbaaf07d4ef456cae05943c8379ed88db3546ccfc0d75e89e47ec22
-
SSDEEP
24576:sQEaFmFN9v46flHtIxo+8lqBtYRNX4Ex7s9N:sQEaFmL9Ac/YB68YsH
Malware Config
Targets
-
-
Target
d2a5238060219037c3728de9f4304d82_JaffaCakes118
-
Size
788KB
-
MD5
d2a5238060219037c3728de9f4304d82
-
SHA1
4c7b1a0a091873d8999a5e20b469c89005d46259
-
SHA256
cb4c4366780dd0c8f1723a77c911ca72dc5f921cf215fc9ffc60a6b18b357387
-
SHA512
ed0946321ebbe56eb8affdc6cb6ec5bb2f705a1aaed3c2f06ca20776c90864ba02c6de2c6dbaaf07d4ef456cae05943c8379ed88db3546ccfc0d75e89e47ec22
-
SSDEEP
24576:sQEaFmFN9v46flHtIxo+8lqBtYRNX4Ex7s9N:sQEaFmL9Ac/YB68YsH
Score8/10-
Removes its main activity from the application launcher
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
3System Checks
3