General
-
Target
fde218b2cd492b1127f4a403420cb415_JaffaCakes118
-
Size
286KB
-
Sample
240420-3a9dlacf34
-
MD5
fde218b2cd492b1127f4a403420cb415
-
SHA1
253c2a9491e991a0a6170bcbc70a573f72322e51
-
SHA256
40fb45628c046597c82ec36744bbc41cfda5b132443d52ddd1747638a8d998aa
-
SHA512
048109e8a2d3eb7b9f85c7c2951afd78a7447507472d46e3e2026b75ab0ccb0cb613ae71d0f142862bbe6b8aa4ff6d8f36eacb724eade007a1a7cc6cb8ca5f7f
-
SSDEEP
6144:9ei08Im9OWhRShnW/nkV52xN9VjGPSVl2lEIYVJsIc+Lx:9e0Bhc2k6b9lGjuIYl1x
Static task
static1
Behavioral task
behavioral1
Sample
fde218b2cd492b1127f4a403420cb415_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
fde218b2cd492b1127f4a403420cb415_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
fde218b2cd492b1127f4a403420cb415_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Targets
-
-
Target
fde218b2cd492b1127f4a403420cb415_JaffaCakes118
-
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-