General
-
Target
3df2aba2396309a25fe267c9cbba2c65_JaffaCakes118
-
Size
290KB
-
Sample
240514-fkhx3abe6z
-
MD5
3df2aba2396309a25fe267c9cbba2c65
-
SHA1
0f4f87be5f95dd887356be42d8732b6095870427
-
SHA256
7413abc28aff529f6fefe6ede818b74dafef475ec97e63baa9d9e202c6d4ae71
-
SHA512
ae2d3261166913b2b794ce75354ebe510f85b283b24a4e2dd0a803f5553b0e75b4b2f61517b977fc244ad8b79dc40df0882ea3f374f3b1203ae5cec89058cece
-
SSDEEP
6144:67MPHXjF0lI2ArCtiqIG8oBSvzF6B6+N2TpntyN5thIIz3UIGWAdY4f:yMPHz2lXAmt+o4rF6lN2TpnhkYWc
Static task
static1
Behavioral task
behavioral1
Sample
3df2aba2396309a25fe267c9cbba2c65_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
3df2aba2396309a25fe267c9cbba2c65_JaffaCakes118.apk
Resource
android-x64-20240506-en
Behavioral task
behavioral3
Sample
3df2aba2396309a25fe267c9cbba2c65_JaffaCakes118.apk
Resource
android-x64-arm64-20240506-en
Malware Config
Targets
-
Target
3df2aba2396309a25fe267c9cbba2c65_JaffaCakes118
-
XLoader payload
-
Requests changing the default SMS application.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-