General
-
Target
56efb573b5859e87d51a88afbfac96eb_JaffaCakes118
-
Size
699KB
-
Sample
240518-1kbh7shb4z
-
MD5
56efb573b5859e87d51a88afbfac96eb
-
SHA1
7661b7c743218e2ebda88bb2cecdf2f42260f42a
-
SHA256
793b7d7d8bb91903424286e5df6a0d8d6767e38b7e0a0fce300212a129396e01
-
SHA512
5defb747c6c0ccdf7471ecb9817b3446e4e58b3dd77afaed10094e7a43cf84a0b7a9a9ca22e65fa1433659989e8a28d3c1b66cf248c832cc31befb7a36bbda61
-
SSDEEP
12288:xZsGhcUBzjcKDtU9Cq2TbD6+iBshVBhJ0BxZyiUrbmKkKeDFTIKn1MQWnA+Rhffl:xZsG3rt2CVK+iGhVBEB+rbCFTJ+REC
Static task
static1
Behavioral task
behavioral1
Sample
56efb573b5859e87d51a88afbfac96eb_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
56efb573b5859e87d51a88afbfac96eb_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
56efb573b5859e87d51a88afbfac96eb_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
Fluent.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral5
Sample
Fluent.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral6
Sample
Fluent.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
Target
56efb573b5859e87d51a88afbfac96eb_JaffaCakes118
-
Checks Android system properties for emulator presence.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Target
Fluent.apk
-
Size
414KB
-
MD5
3d596b729e275c8822001b56934f3acc
-
SHA1
2230deddd141c20ecc3a6c2ead933107802494a9
-
SHA256
9ef6b169afbf9f140dfba4cad958c6a096ffbcf05a707fc43f5d8e0449f62407
-
SHA512
9287a05b4e9b7ede8b7a1f12cca41339c5fa5b04723a052fe9176b5f40afb4a837d3f01948af3741ea4eb49680ab9c02a325cee5be83556567f758a646741636
-
SSDEEP
12288:NsGhcUBzjcKDtU9Cq2TbD6+iBshVBhJ0BxZyiUD:NsG3rt2CVK+iGhVBEB+D
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Hide Artifacts: 1
Suppress Application Icon: 1
Virtualization/Sandbox Evasion: 3
System Checks: 3