General
-
Target
3fcefba2f0b181e7ee08d6723612963c_JaffaCakes118
-
Size
4.6MB
-
Sample
241013-pgldfswcle
-
MD5
3fcefba2f0b181e7ee08d6723612963c
-
SHA1
489741ffa12bb470aee6bc6bda8f83e7a68e71da
-
SHA256
a9004e8faafc94cbc9644b2dec35bbec286a71d861228e70bcb6d547443aa87b
-
SHA512
5c3af761e4899374f128bb21ed5090984dee0d9d58b104fcea722505081b25f131df4e40d25ab878fa3757c90c82d889a22e03efbc835ec0a8ef6e95566330b6
-
SSDEEP
98304:Q5/1ZmijfP5sw0wjdJTWSgZbk6DDU5yQlf0DIpt45pcKrpCmyE2bcqf3SW8I:Q5/11fPSCmQlf0DOOkmyR+9I
Malware Config
Targets
-
-
Target
3fcefba2f0b181e7ee08d6723612963c_JaffaCakes118
-
Size
4.6MB
-
MD5
3fcefba2f0b181e7ee08d6723612963c
-
SHA1
489741ffa12bb470aee6bc6bda8f83e7a68e71da
-
SHA256
a9004e8faafc94cbc9644b2dec35bbec286a71d861228e70bcb6d547443aa87b
-
SHA512
5c3af761e4899374f128bb21ed5090984dee0d9d58b104fcea722505081b25f131df4e40d25ab878fa3757c90c82d889a22e03efbc835ec0a8ef6e95566330b6
-
SSDEEP
98304:Q5/1ZmijfP5sw0wjdJTWSgZbk6DDU5yQlf0DIpt45pcKrpCmyE2bcqf3SW8I:Q5/11fPSCmQlf0DOOkmyR+9I
Score8/10-
Checks if the Android device is rooted.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads device software version
Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2