General
-
Target
b0df5b7059fa379d5ee2401b98eb685a_JaffaCakes118
-
Size
5.5MB
-
Sample
241129-ncz6daslgv
-
MD5
b0df5b7059fa379d5ee2401b98eb685a
-
SHA1
0c0a130a2136e30c4e7297176a0e8097be68aeb3
-
SHA256
8ad864ddc75ba205972098718a9ddbda60478f9a04fc3479f80b9bef087a4ba1
-
SHA512
c1006f187e1e03fa6d1908ce0441fa6184eed97fe8683cbe0b159664c54c5af365b3e476c67521a9b982c812ff348d68c115b631b0deb33abda7f5616b8cb21e
-
SSDEEP
98304:WkNRl+IhfPt5AcinzMfhJCBP7j3A7AvPW1bC+msxMRHDOMT9t/AGQ6:WkNOILiQfZQPWN46g/Aq
Malware Config
Targets
-
-
Target
b0df5b7059fa379d5ee2401b98eb685a_JaffaCakes118
-
Size
5.5MB
-
MD5
b0df5b7059fa379d5ee2401b98eb685a
-
SHA1
0c0a130a2136e30c4e7297176a0e8097be68aeb3
-
SHA256
8ad864ddc75ba205972098718a9ddbda60478f9a04fc3479f80b9bef087a4ba1
-
SHA512
c1006f187e1e03fa6d1908ce0441fa6184eed97fe8683cbe0b159664c54c5af365b3e476c67521a9b982c812ff348d68c115b631b0deb33abda7f5616b8cb21e
-
SSDEEP
98304:WkNRl+IhfPt5AcinzMfhJCBP7j3A7AvPW1bC+msxMRHDOMT9t/AGQ6:WkNOILiQfZQPWN46g/Aq
Score8/10-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads device software version
Uses Android APIs to read software version number for the device (IMEI/SV for GSM devices).
-
Reads information about phone network operator.
-