General
-
Target
52f01c7ad7b6832d5942ab5663c78a16_JaffaCakes118
-
Size
5.8MB
-
Sample
240518-ekmqksbb23
-
MD5
52f01c7ad7b6832d5942ab5663c78a16
-
SHA1
b2b6b2f6b311cbc26ee15e24e4bc99411a93af7e
-
SHA256
c41d73ec1553da89fee0174b6d006b5067b162ebe4a6a8e1df9a15319f309ad2
-
SHA512
ca9fd95962da9f8d61b5a4107010827417c77c79f5d236b322dec4c84ffe292a6de6eecc085e23f063a6aa1615cf571485f29187fcaacc937275683ca21bbcd3
-
SSDEEP
98304:U4SLkZz4WQwrsNy8e+yV8qJQpJC4UdHvuv4Zzq1IF8zMMQNpzN4MVrF+gAtLiPSZ:ugdQs38JyVXJQFEPJdq1jznQN7+gAtL5
Static task
static1
Behavioral task
behavioral1
Sample
52f01c7ad7b6832d5942ab5663c78a16_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
yap.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
yap.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
yap.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
52f01c7ad7b6832d5942ab5663c78a16_JaffaCakes118
-
Score
7/10
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
-
-
Target
yap.cfg
-
Size
140KB
-
MD5
2fa3795cca2bd786a72b53a19b536a20
-
SHA1
c76b8569b19677bc4075f179e9eb94a141ad5f75
-
SHA256
c8a10c1e6e3faf353be70b44cf888bacc2e35c94aa7af1682ec9b8d235703040
-
SHA512
b5d9642f20111056cdbca51f5e64e939d5a1ab490cd5b4af1efd55b4689aff53c4b5f366cfe0a1f3bd45572a133f4509f9f31cce1e74fd662f05c2dbd713e872
-
SSDEEP
3072:rQxR4EKnTBF9xhQKJO+/ZvsbN3sFd3JCNmJlLGvCG5C20JtUH7j3:rQxR4JHOKJZZ0blsFNcwJlavUEH33
Score
1/10
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Download New Code at Runtime (1)
Foreground Persistence (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)