General
-
Target
01d79d6d2923632c2dbf9fb1fb90df34_JaffaCakes118
-
Size
17.2MB
-
Sample
240426-2r5lasdg39
-
MD5
01d79d6d2923632c2dbf9fb1fb90df34
-
SHA1
27ef2a0ebbf10457c296b2bae74152503ecac301
-
SHA256
051fd97224ea0c84e6835f153dfdf815e74a96c9cf38364bf6b2ec58dae8e837
-
SHA512
916be6e7e561883146bf961c91854a7db7b27ec057ac508c11ad6ffec40dddd8b84a41ca862bd43573da4204898d507b73dedd7981490e01d139761bc3125047
-
SSDEEP
393216:2Wf4XIfzQKyWzcoLTyHPnompOTXyNBzifgPeqfWc5MlA:MnPWwNoYBQgPfQA
Behavioral task
behavioral1
Sample
01d79d6d2923632c2dbf9fb1fb90df34_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
ccplaymerket.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral3
Sample
ccplaymerket.apk
Resource
android-33-x64-arm64-20240229-en
Behavioral task
behavioral4
Sample
rtk_app.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral5
Sample
rtk_app.apk
Resource
android-x64-20240221-en
Malware Config
Targets
-
-
Target
01d79d6d2923632c2dbf9fb1fb90df34_JaffaCakes118
-
Score
1/10
-
-
Target
ccplaymerket.apk
-
Size
5.9MB
-
MD5
fec090046d831ce52cf95b5487b866ff
-
SHA1
f004c200eb9b2b78ea24cb4d7b9e7aab7de258e7
-
SHA256
86632ccbff13be30bb5628e130facf92e8d84e22f95eb5fbf117695209b7f83f
-
SHA512
df647a0887a0e714604c1643877fc9f1197bef76e89324df8edd2fdabe91898ea44fca652851c67af3db52a27d9bcc7873bd9fe68289d9db1c4437ae57a830ad
-
SSDEEP
98304:EXB2RaqiyR/tRSbgxPCnOpdtXU0jkys0X8bp9Tf7eKtw2k69O0d8gkgv4FSuoyA7:EXBHfOCnQdaPyseW/htu0yNtkubium
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
rtk_app.apk
-
Size
2.6MB
-
MD5
6c7958fa0aaab85d1301461def35d378
-
SHA1
1d98e95cbf378edbff4cc279640a622eeb0dc51a
-
SHA256
3a69b0a413ee44e8da2a558457f3b9df4d8e65368586cf9d2dc48df75be700d1
-
SHA512
528073f2c0419b516e7ada1ec79c148328c5397c41c6f19389f22189279c0b50879d0c4c90a9330c2aa05e554dcf4792b9e3d4722ddf7c3cbdcd257494197732
-
SSDEEP
49152:wA1OFsf1w8ZLkmCWwB/ImagZ7xHC0vqz6DxJY0E9kh6RLddpt4KgQM:bOSw8mmCWwB/ImvHCWzYE6RG
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-