General
-
Target
e573a2a027ac3b2a38dcc393c225bc82_JaffaCakes118
-
Size
2.6MB
-
Sample
240407-vvaf1aaa36
-
MD5
e573a2a027ac3b2a38dcc393c225bc82
-
SHA1
03f7e2b5dbf775310ad00c24e9ce61643c111cc1
-
SHA256
56ff51106087a26828bc7903a03ee01799eb7916311db6e87f650a9580ddafc0
-
SHA512
3463b6d4ad404d7da924d05ec5b00fb8be1d94178a24c4994fc8e18702b3762d18f053bce30dbedcfcbeb0fac3b670e666bd3caca0341a275f27412d2d69e83c
-
SSDEEP
49152:GATX3+yA84mFOsJA/vQQWsoMF6Cbue50K0nNUYqRyP/34X:GmXui4mFRmQLsoMFNKe50K0O5Q/32
Static task
static1
Behavioral task
behavioral1
Sample
e573a2a027ac3b2a38dcc393c225bc82_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
e573a2a027ac3b2a38dcc393c225bc82_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
e573a2a027ac3b2a38dcc393c225bc82_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
cerberus
http://161.97.68.93
Targets
Target
e573a2a027ac3b2a38dcc393c225bc82_JaffaCakes118
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries the phone number (MSISDN for GSM devices)
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Listens for changes in the sensor environment (might be used to detect emulation)