General
-
Target
52e693ba345643fc630fe0e4025b5122_JaffaCakes118
-
Size
26.1MB
-
Sample
240518-ec96xaag45
-
MD5
52e693ba345643fc630fe0e4025b5122
-
SHA1
33d635a43d9ea9ab81eb6d4ec23f57d3de70cc4b
-
SHA256
4455286dea5a5b15aed0464d463ef021ef91f4f1fee76f2b33558bd2c6fdbfea
-
SHA512
27293198353eff5671a42d20289e1e358780ec7ad81fc0ec20ae3fdca17e535406e90b5d8e7ab9636f16b58719fd57ecb85da545d45ca2367c3150fafe08dffc
-
SSDEEP
786432:+Wz0Ficgg73PQzzeeZdC8zoNsg/nCb0yk8UgcB/RY8B:L0FicgKQXrYsgfCQt7
Static task
static1
Behavioral task
behavioral1
Sample
52e693ba345643fc630fe0e4025b5122_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
52e693ba345643fc630fe0e4025b5122_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240514-en
Malware Config
Targets
Target
52e693ba345643fc630fe0e4025b5122_JaffaCakes118
-
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Scheduled Task/Job: 1
Defense Evasion
Download New Code at Runtime: 1
Hide Artifacts: 1
User Evasion: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2