General
-
Target
f1c1ef7355d3ad37a8fdebc2716cbe4e_JaffaCakes118
-
Size
445KB
-
Sample
240415-x9sl8sge5z
-
MD5
f1c1ef7355d3ad37a8fdebc2716cbe4e
-
SHA1
b82ab7ce847abe2b1fc92f91c97d67773fd49cfa
-
SHA256
9f34a0f5d16f203eef15bdb01a953c22016ad7f252bce4d781fc4028035bce07
-
SHA512
333fa4d51a5919acba2f7f703eef3d3d73601f153163741f8968d7bf027b7c7e45338a2140e0bce127e35a67711280471288e132903d8786c6c13dcd3b1fc7e2
-
SSDEEP
12288:QkOrBFJ5YXxzE2vIIte+M1SyD7DAEXqyqQnSMey7SQZy0:QPVFnYXxzjwIrM1SyD7Duy5g8k0
Static task
static1
Behavioral task
behavioral1
Sample
f1c1ef7355d3ad37a8fdebc2716cbe4e_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Malware Config
Extracted
xloader_apk
http://91.204.227.39:28844
Targets
-
Target
f1c1ef7355d3ad37a8fdebc2716cbe4e_JaffaCakes118
-
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries account information for other applications stored on the device.
Application may abuse the framework's APIs to collect account information stored on the device.
-
Reads the content of the MMS message.
-
Acquires the wake lock