General
-
Target
0279300628e7f34cdae4fd2fa9c52ef3_JaffaCakes118
-
Size
6.6MB
-
Sample
240427-fldpqsbe57
-
MD5
0279300628e7f34cdae4fd2fa9c52ef3
-
SHA1
ac0f54f98e7156ce6db80c09ff5a4326a09c7cda
-
SHA256
adb7b4b94aeac56bb69697a57dc7a5487bc873de6376df0726608cee73726b35
-
SHA512
30d3115965c9c04c9f153ec7c88ae0f1738aa07d66bc4a68f12b477f9c22b206e934ca07098c983dc3df284fe5128b446e0d99360ae1bdff43be87f2b5293deb
-
SSDEEP
98304:/Xvts2mSpPk5CD3x2SDZmsQnKaSvXVfVx8wQOvxZ9YiWAFXP+Qswh1gRT:9s2mSp8uxDvQ+tjqk9YiWAFXFLTgZ
Static task
static1
Behavioral task
behavioral1
Sample
0279300628e7f34cdae4fd2fa9c52ef3_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
0279300628e7f34cdae4fd2fa9c52ef3_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
0279300628e7f34cdae4fd2fa9c52ef3_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
Behavioral task
behavioral4
Sample
launcher3.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral5
Sample
xiubizhi.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral6
Sample
xiubizhi.apk
Resource
android-x64-20240221-en
Malware Config
Targets
-
-
Target
0279300628e7f34cdae4fd2fa9c52ef3_JaffaCakes118
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
-
-
Target
launcher3.apk
-
Size
5.7MB
-
MD5
d279dfe58f0054050233e18ee2cea9ed
-
SHA1
cc85f1492dd2614e2360b67c72d05681f063d373
-
SHA256
826b6da121cdca3a3c074872db48d65496202dc1d2aeb7bf9e2ad1b3f64a54f3
-
SHA512
7b683c357326ca699270c6f922baae0066c5e69dd7d61f4248811e11c8a872933dfcb049a39fba491fdfeabaf753aaa9a67a06b2d14096a4b7f5c38310bdd44d
-
SSDEEP
98304:ms2mSpPk5CD3x2SDZmsQnKaSvXVfVx8wQOvxZ9YiWAFXP+Qb:ms2mSp8uxDvQ+tjqk9YiWAFXFb
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Changes the wallpaper (common with ransomware activity)
-
-
-
Target
xiubizhi.apk
-
Size
1.1MB
-
MD5
af8d88227ec2ced57189143288f896d1
-
SHA1
5e0d4b5453b899ce6d2ca16e8e90f49ec27a3dd4
-
SHA256
4e3d5540768c98546f8c1b8192bbb2aeeccb1a7bc3e8210f7321083ce76879d8
-
SHA512
35dd0b7af8a8a54d224a6c8d8bd88b6dc5672f64eaa2e0aef0c5fc1375f3e9c0351e233fb77ed25a120f7e04d46a19cf0d242d33d74998a7060b91ec8edc10a9
-
SSDEEP
24576:1cPNnPWxR92iX574jV0vzZxfE6z11ojpmkDb60QHid50Il/9F+:2Pk2ljV0LZxfE/pmkD+0QHZU+
-
Score
8/10
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-