General
-
Target
ddcf8d68ba01d6f2cb5e2344ed5a6afd_JaffaCakes118
-
Size
21.9MB
-
Sample
240913-gpsthaybjc
-
MD5
ddcf8d68ba01d6f2cb5e2344ed5a6afd
-
SHA1
ffd956290346afddb4ae53b254e6474af29c1a57
-
SHA256
86313aef29cc8c00d0edd04ef1915d7d6c329723a5887108d42ce2f6f4da511a
-
SHA512
89a2a3828c1e7e07a761e3c14203db4f3b227a5ce0015daf5bcd73be33426facf56c0434c53406ab6b43e5628bf1c6d001000f8f39fbce99bd02c9152414472c
-
SSDEEP
393216:00GTg3puwxU45jbWUzMLAhyXToDUQwlaMIawwtOKZljibperF308OU4KI:0ezxU1UzMdjiwlazwtOxMk0w
Malware Config
Targets
-
-
Target
ddcf8d68ba01d6f2cb5e2344ed5a6afd_JaffaCakes118
-
Size
21.9MB
-
MD5
ddcf8d68ba01d6f2cb5e2344ed5a6afd
-
SHA1
ffd956290346afddb4ae53b254e6474af29c1a57
-
SHA256
86313aef29cc8c00d0edd04ef1915d7d6c329723a5887108d42ce2f6f4da511a
-
SHA512
89a2a3828c1e7e07a761e3c14203db4f3b227a5ce0015daf5bcd73be33426facf56c0434c53406ab6b43e5628bf1c6d001000f8f39fbce99bd02c9152414472c
-
SSDEEP
393216:00GTg3puwxU45jbWUzMLAhyXToDUQwlaMIawwtOKZljibperF308OU4KI:0ezxU1UzMdjiwlazwtOxMk0w
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
4System Checks
4