General
-
Target
2e388d52acc836abbc123d3c72712a0a_JaffaCakes118
-
Size
393KB
-
Sample
240510-kcbw1aga75
-
MD5
2e388d52acc836abbc123d3c72712a0a
-
SHA1
58394375ce91a6dea1c9c6361e4f87267e507e5b
-
SHA256
04132e7cc46761b756aa8c2885fba5759d10db3027bd31865fa9efb5a38d529b
-
SHA512
9c731ba892af5df5498a887c1d4e8bfa54c17141c3a7e93d7f0db4452cf88d7408bab7140666e69b8b57b3f44086c48cda72abaf6d34546719543336f0079fdc
-
SSDEEP
12288:N2sQcoRDzql0m4+nTH0s3TMj6KdDPjLVRWVDsQHesUGSJgsf1l00:N2JHzql0h+nr07lLVNmiGebj
Static task
static1
Behavioral task
behavioral1
Sample
2e388d52acc836abbc123d3c72712a0a_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
2e388d52acc836abbc123d3c72712a0a_JaffaCakes118.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
2e388d52acc836abbc123d3c72712a0a_JaffaCakes118.apk
Resource
android-x64-arm64-20240506-en
Malware Config
Targets
-
Target
2e388d52acc836abbc123d3c72712a0a_JaffaCakes118
-
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-