General
-
Target
0f2dedc25beae91372be6f838a743395_JaffaCakes118
-
Size
404KB
-
Sample
240502-3txtxabf87
-
MD5
0f2dedc25beae91372be6f838a743395
-
SHA1
700fcf6e7543719dc41a6db0af6b0a0170ab95cb
-
SHA256
09da1eadee70d7e093d7f40cb62dae1a10dd78b0c8840881bda286668f7eb98e
-
SHA512
1ffd159d3b3d54725d6866f7bbda5541fb59d7850ce18f4d9342daad61c602a7ea1b46f15251ff419d5a4b5abad43424602a244d1c5bb04a3aff129e996d9969
-
SSDEEP
6144:QhrNRurRmmm7gMOqKFM/VVck9s+ld1pXCrfhikmk8F4nVEgltr9q/oYaSwuM+CrD:QH3HYGLawd1ELhjsK5trw3FvCpZ
Static task
static1
Behavioral task
behavioral1
Sample
0f2dedc25beae91372be6f838a743395_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
0f2dedc25beae91372be6f838a743395_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
0f2dedc25beae91372be6f838a743395_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Targets
-
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Foreground Persistence: 1
Defense Evasion
Download New Code at Runtime: 1
Foreground Persistence: 1
Hide Artifacts: 2
Suppress Application Icon: 1
User Evasion: 1