General
-
Target
5002443a9dea83ddbe71245454cdc3d4_JaffaCakes118
-
Size
1.5MB
-
Sample
240517-rxd1escb69
-
MD5
5002443a9dea83ddbe71245454cdc3d4
-
SHA1
345fbb6454b8ef398a5a38e967737ede39beae9a
-
SHA256
dfdceedaf137422d82e8faa64a17361d685ce7b3601a8543254619c87b18d58e
-
SHA512
6ee1383fc19a88aa14d0726f9f64fe2f91b3b5d997ab0aaa2b2cc1225372dc921da6ad827db83a8250ca71c555d201d053ed6dae4e396fe6989b54815b81d4fa
-
SSDEEP
24576:Wbd7k06HDhlvCQV1rtudEWLr8sZ5A5cfHzpHFTyhSko6yezrjw6luh2aCOtegYU2:W606Dqk1I5McOcfHzPTyh1yeHjw6raC9
Static task
static1
Behavioral task
behavioral1
Sample
5002443a9dea83ddbe71245454cdc3d4_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
qpzf.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
qpzf.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
qpzf.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral5
Sample
qvpb.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral6
Sample
qvpb.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral7
Sample
qvpb.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral8
Sample
res.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral9
Sample
res.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral10
Sample
res.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
5002443a9dea83ddbe71245454cdc3d4_JaffaCakes118
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
-
-
Target
qpzf.dat
-
Size
175KB
-
MD5
a2b63bcaaa8fccb88022099c7f4432c2
-
SHA1
a39b010d9d6c44326395bc3e57f1c8e04ec8c25f
-
SHA256
03f0e1c0402468410236848dfc6d6d2310e42d38cab7ed04c05406692ec46c78
-
SHA512
355dc2472101fad1e470493dab6d5ef9df8cdce895654d59127ccefb61c72ba34ba9bd5966efb6041fde7f78d4e47a7f6123dfcf5ce4f03c86dcddd7cd16d17a
-
SSDEEP
3072:PSLaEOVCIfnViYwE5ii0QGjJliXpvknFs3i+FdpdFclsKO31rMaUevAnDaF4:qBOZEcedlAvpHdprTdNv0DaF4
Score 1/10
-
-
Target
qvpb.ttf
-
Size
62KB
-
MD5
7aa9c7b5cb7d38b622cb0b2d6bb665c9
-
SHA1
ebe46a7155c66b23337e8fe45890874ffeb2ba3f
-
SHA256
e2a7823885bb1e22f9d35bed57557498f7ef43003cf16b3a74eb21600904db95
-
SHA512
c1994d3124b5a571766dcddda3c4676993a36351acddf4825e87cecce5f6bc5000f86bc4d3e2d7de893d02f85e88616390a9065b2805301c405f6ad37f3d9f25
-
SSDEEP
1536:iznaEpgVCY3+al63lMEra0KfVTy26Y0ZLEqUiJieOWnS:iLaEOVCIfnViYwE5ii0S
Score 1/10
-
-
Target
res.bin
-
Size
39KB
-
MD5
2a94647e5e9497590e70aa2fdf5f896a
-
SHA1
57f4a1e789d503ebabb54ef0e5fb4cad44745a5e
-
SHA256
061d4437522e624e72c6865f0719bd0d45037bc45d8d5adb377d1153347442b3
-
SHA512
4393414e7987f8242fe2e63378841fcdd3fb4414caa9193ee5be5201a886bcd8e2e3d1b78e33d1ed919b3773346abc760dfca129066e8a620f38a5ae27a5db66
-
SSDEEP
768:6Gt5pw3f4K/BsPb77qQwupkGjMCMP4k4EmnHYxU/BHAHV6N:dVijBADqQwhGjMCuwEmnHl/BmV6
Score 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2