General
-
Target
f5d16f2546891cfd3e2266fb7e360796_JaffaCakes118
-
Size
13.0MB
-
Sample
240925-mnkz6atfpg
-
MD5
f5d16f2546891cfd3e2266fb7e360796
-
SHA1
254608e9cc5f155f2fc6b044359c285f59640997
-
SHA256
0d7be806b46ad7b0e252749a357b5fdfe1f30d31de3be5766ded88c78e02bd73
-
SHA512
3c252bfa019061482a564145da4c25940c1870e4d7710260ee42288bb06dcec504719a7dfa42c84efa612f44171ed83a314b5af597f4825fdb041e089034aa3f
-
SSDEEP
393216:3fI51kD87RzrdNC4Imr7HKbTB7wnQ4pIUyy+Mq:vwj7z7HKbt8Q4pgB
Malware Config
Targets
-
-
Target
f5d16f2546891cfd3e2266fb7e360796_JaffaCakes118
-
Size
13.0MB
-
MD5
f5d16f2546891cfd3e2266fb7e360796
-
SHA1
254608e9cc5f155f2fc6b044359c285f59640997
-
SHA256
0d7be806b46ad7b0e252749a357b5fdfe1f30d31de3be5766ded88c78e02bd73
-
SHA512
3c252bfa019061482a564145da4c25940c1870e4d7710260ee42288bb06dcec504719a7dfa42c84efa612f44171ed83a314b5af597f4825fdb041e089034aa3f
-
SSDEEP
393216:3fI51kD87RzrdNC4Imr7HKbTB7wnQ4pIUyy+Mq:vwj7z7HKbt8Q4pgB
Score8/10-
Checks if the Android device is rooted.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2