General
-
Target
fb770d5edf64837fdba014d5071cc994_JaffaCakes118
-
Size
567KB
-
Sample
240928-emhjmsydmd
-
MD5
fb770d5edf64837fdba014d5071cc994
-
SHA1
7187cde1edeec14f92662ab1e40a68e111715c5c
-
SHA256
5e8e23df42386910ff49fda13b1ba4088f135770b6aa5b9913002a65db5d60bc
-
SHA512
e547da4689ca5a52d47f7a0e3db44fa5e0aa73ce8f8422ddd80c5339081fc7b253e5f9085e161e8f0a655bd4fca6f20cabd6dd67146b3b1149b7aa7346750576
-
SSDEEP
12288:kW3+sOgiYi7jrdnvAtfdR7RCjG4/fzmSKIDmJubWgw2JU4x:Z3+spWn0FB4S43dBmJuBwf4x
Malware Config
Targets
-
-
Target
fb770d5edf64837fdba014d5071cc994_JaffaCakes118
-
Size
567KB
-
MD5
fb770d5edf64837fdba014d5071cc994
-
SHA1
7187cde1edeec14f92662ab1e40a68e111715c5c
-
SHA256
5e8e23df42386910ff49fda13b1ba4088f135770b6aa5b9913002a65db5d60bc
-
SHA512
e547da4689ca5a52d47f7a0e3db44fa5e0aa73ce8f8422ddd80c5339081fc7b253e5f9085e161e8f0a655bd4fca6f20cabd6dd67146b3b1149b7aa7346750576
-
SSDEEP
12288:kW3+sOgiYi7jrdnvAtfdR7RCjG4/fzmSKIDmJubWgw2JU4x:Z3+spWn0FB4S43dBmJuBwf4x
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2