General
-
Target
577b8c84287d0fd6647edc32f6497afb_JaffaCakes118
-
Size
263KB
-
Sample
240518-3tb77sfa92
-
MD5
577b8c84287d0fd6647edc32f6497afb
-
SHA1
0fac94019d06a9806c3688d1a838c800e0ed61b9
-
SHA256
796be32bf3a89a7319876f830973988bbd5ca7b63365f428ca9f39f7d289caca
-
SHA512
f5a9f3cf5ed02ed9a42cee47b6c460631b4362e5f481ee8b7c20dd79c437130bf8b218457e4b4bc58d857b80818439b626ec31ad343bd27d662359aaa8c50909
-
SSDEEP
6144:+PNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fN2:Qi6tQIwsBFa/IvcR9U2
Static task
static1
Behavioral task
behavioral1
Sample
577b8c84287d0fd6647edc32f6497afb_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
577b8c84287d0fd6647edc32f6497afb_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
577b8c84287d0fd6647edc32f6497afb_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
577b8c84287d0fd6647edc32f6497afb_JaffaCakes118
-
Size
263KB
-
MD5
577b8c84287d0fd6647edc32f6497afb
-
SHA1
0fac94019d06a9806c3688d1a838c800e0ed61b9
-
SHA256
796be32bf3a89a7319876f830973988bbd5ca7b63365f428ca9f39f7d289caca
-
SHA512
f5a9f3cf5ed02ed9a42cee47b6c460631b4362e5f481ee8b7c20dd79c437130bf8b218457e4b4bc58d857b80818439b626ec31ad343bd27d662359aaa8c50909
-
SSDEEP
6144:+PNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fN2:Qi6tQIwsBFa/IvcR9U2
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
1System Checks
1