General
-
Target
fc44b5fcbacc7d2f6ba048a12814cec0_JaffaCakes118
-
Size
4.8MB
-
Sample
240928-pbphxsxgmb
-
MD5
fc44b5fcbacc7d2f6ba048a12814cec0
-
SHA1
276c9f2f461ceea2cdd912cce1eedbd039810884
-
SHA256
5e064ac27414a2563f1edda7734a6797fd0a667f387e7324fd56d18388598726
-
SHA512
edec452fddd59392378008ffbba9d1ad36f3bae9f6951c6864c0454e2d3c54a1297df34abb01c62ef5db8e167ebfdcb34ac4f836d32644f08d3998171ac8cae8
-
SSDEEP
98304:+QiQTI/b+/A1dwsWPENUPuFtE2aiWm37QusRP2GUnu:+QiQTL/S3cENuEm2hWA7IEdu
Malware Config
Targets
-
-
Target
fc44b5fcbacc7d2f6ba048a12814cec0_JaffaCakes118
-
Size
4.8MB
-
MD5
fc44b5fcbacc7d2f6ba048a12814cec0
-
SHA1
276c9f2f461ceea2cdd912cce1eedbd039810884
-
SHA256
5e064ac27414a2563f1edda7734a6797fd0a667f387e7324fd56d18388598726
-
SHA512
edec452fddd59392378008ffbba9d1ad36f3bae9f6951c6864c0454e2d3c54a1297df34abb01c62ef5db8e167ebfdcb34ac4f836d32644f08d3998171ac8cae8
-
SSDEEP
98304:+QiQTI/b+/A1dwsWPENUPuFtE2aiWm37QusRP2GUnu:+QiQTL/S3cENuEm2hWA7IEdu
Score8/10-
Checks if the Android device is rooted.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Requests cell location
Uses Android APIs to to get current cell location.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2