General
-
Target
e4d506940fad3af243ac3eb04e16f6a9_JaffaCakes118
-
Size
3.0MB
-
Sample
240407-npgvkacb75
-
MD5
e4d506940fad3af243ac3eb04e16f6a9
-
SHA1
0c6ba3fac39eab343539e2355bb0b533665b7ea6
-
SHA256
7a1f67937c3df8b1b65b7e5ca2ac609a7f405123df91b948535ad866e9ff884d
-
SHA512
19ecfa32e9e21cd65bc9579a8ef449f2b9fa883a22884ecc561586f9dd327aebe485a178128af2ed34270d51fffb5e754618ee22e0cd6e931bf09818060a2bec
-
SSDEEP
49152:0gdipryDHH0D6gmPOroTV8asMbUCWhSENwOU1iNcJ3W7HxTQqUonXJ3cwk:0brWn0DAOroTV87wHDOC09RzUsFk
Behavioral task
behavioral1
Sample
e4d506940fad3af243ac3eb04e16f6a9_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
e4d506940fad3af243ac3eb04e16f6a9_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
e4d506940fad3af243ac3eb04e16f6a9_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Targets
-
-
Target
e4d506940fad3af243ac3eb04e16f6a9_JaffaCakes118
-
FluBot payload
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-