General
Target: 4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118
Size: 6.3MB
Sample: 240517-rj57rabc2t
MD5: 4ff32b3d8e47aac218b37d5f2e2d6ec5
SHA1: e590942c3a5799773d0d14ce599c598a4a4713c9
SHA256: eaeeb55b0c30ca717e412d5a024c5b732beb768c5c8ca21ac1a8edd3030aacd6
SHA512: c0807a68260ee2c16767a065be639ec4ef19760a39f68398048e5842f38879a27f620f65ef094dd2a16c008c1810dbab96c2bd5f8819aca23fe35dee5115bea8
SSDEEP: 196608:EEvS8qMAv5hTdCyF11h6RHQodLg/tNWVPDNtWqPqcBctMEi:EcS8qPo211hJWgFN4bNgqPRc2Ei
Static task: static1
Behavioral task: behavioral1, Sample: 4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118.apk, Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2, Sample: 4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118.apk, Resource: android-x64-20240514-en
Behavioral task: behavioral3, Sample: __pasys_remote_offer_wall.apk, Resource: android-x86-arm-20240514-en
Behavioral task: behavioral4, Sample: __pasys_remote_offer_wall.apk, Resource: android-x64-20240514-en
Behavioral task: behavioral5, Sample: __pasys_remote_offer_wall.apk, Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral6, Sample: gdtad.apk, Resource: android-x86-arm-20240514-en
Behavioral task: behavioral7, Sample: gdtad.apk, Resource: android-x64-20240514-en
Behavioral task: behavioral8, Sample: gdtad.apk, Resource: android-x64-arm64-20240514-en
Malware Config
Targets
Target: 4ff32b3d8e47aac218b37d5f2e2d6ec5_JaffaCakes118
Makes use of the framework's foreground persistence service: Application may abuse the framework's foreground service to continue running in the foreground.
Queries information about the current Wi-Fi connection: Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Queries the phone number (MSISDN for GSM devices)
Reads the contacts stored on the device.
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks if the internet connection is available
Queries the unique device ID (IMEI, MEID, IMSI)
Reads information about phone network operator.
Target: __pasys_remote_offer_wall.jar
Size: 34KB
MD5: 67faab61ea860c5a1d3d5e98f6da108f
SHA1: 60b3d9d3bc7e9ea7cde728f5e42db11a856ae527
SHA256: 54ba425788c7adf7c0bd042d76ddef399933d3b6b0798386bc0b61fd565e9a6b
SHA512: 23475cf01bf75e0c1624a4f18f30ee4e994b9166c31141aec2fd5a5f99f86c20198ab64cf2c5a35280651a1145e447cd88e8d9fc8089975c58d0d7e68faacf84
SSDEEP: 768:iK+8VSMJtBfVVJQkxNU/aD/fELwGC40/MNK2ytug:iKtHBfVVrxa/IHi30/sKFtN
Score: 1/10
Target: gdtad.jar
Size: 69KB
MD5: 11f5dbbb3878a12129159e95befab508
SHA1: b2ab0b31241daa951bf2078b2ef68f1c9f3ed9c9
SHA256: 745bb36869db21946930e482e9293c0122fffb56c5c979355cda3633979af1d5
SHA512: 9f8a66e4e67355655ba96afa8a665b2887e694c7eedb55b51a95ffdb4979e2e3dc52c34f2782ee318b93bf3b03c08d379b0f59a5261dad563dba939fb5786327
SSDEEP: 1536:emvauBJ4efD71+LigF4TGx4K8Pl5CCz9JLxzKrPZE:xvD71+egF4TGmK8Pl5Fznk9E
Score: 1/10
MITRE ATT&CK Mobile v15
Persistence: Event Triggered Execution (1), Broadcast Receivers (1), Foreground Persistence (1)
Defense Evasion: Foreground Persistence (1), Virtualization/Sandbox Evasion (1), System Checks (1)