General
-
Target
535e2d9656b90190f26a193975549dea_JaffaCakes118
-
Size
14.3MB
-
Sample
240518-g7cj8sff9y
-
MD5
535e2d9656b90190f26a193975549dea
-
SHA1
273ff75e7ed9a6d711a5532d94dff3d89288482f
-
SHA256
d315ba57739caba61528793cee7dff09fb542bea1c7c8b6616dad9e0f4a95ec6
-
SHA512
5b0c8741fdaaf0c00c21e0811df60446704c5e2848a321d2197ad123f3a0782d616e156642dbb88695f6c979d6ec458ef470549b85a6e3c8bf1489bd99e2f822
-
SSDEEP
393216:CGV4fBZmpyPpsfxp6BSiHEle5haTyxcVeOLc1c:BVSZmE8puzHN5hEVeoc2
Static task
static1
Behavioral task
behavioral1
Sample
535e2d9656b90190f26a193975549dea_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Malware Config
Targets
-
-
Target
535e2d9656b90190f26a193975549dea_JaffaCakes118
-
Size
14.3MB
-
MD5
535e2d9656b90190f26a193975549dea
-
SHA1
273ff75e7ed9a6d711a5532d94dff3d89288482f
-
SHA256
d315ba57739caba61528793cee7dff09fb542bea1c7c8b6616dad9e0f4a95ec6
-
SHA512
5b0c8741fdaaf0c00c21e0811df60446704c5e2848a321d2197ad123f3a0782d616e156642dbb88695f6c979d6ec458ef470549b85a6e3c8bf1489bd99e2f822
-
SSDEEP
393216:CGV4fBZmpyPpsfxp6BSiHEle5haTyxcVeOLc1c:BVSZmE8puzHN5hEVeoc2
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks Qemu related system properties.
Checks for Android system properties related to Qemu for Emulator detection.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
gdtadv2.jar
-
Size
1.1MB
-
MD5
62d3210f0381703b79c016a5a475c650
-
SHA1
d57e3810e0490f3c46c7cef1430047e640e1170f
-
SHA256
b24e08fff96ed736f5f5751f2b5f7e5751118616f0e9557974748c8674e2d197
-
SHA512
153dc4cee44b62ebefa59e260ddfb8c197188c17dfb8d384fb588a881b321e841b245b5e2fbb4d44ba6ca597e1a5e73b36441c6bb800fbf5a01f33d91fd98c14
-
SSDEEP
24576:/ZrPZ3ONad/a9n3cOWPjywoGpe6LrA1kZb5wCWv1SC5+6Cmmtx/Q+b/:BrB3OcdS9n3cXywoRRqmCOSCk6At/j
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
6System Checks
6