Overview
Static: static1
Behavioral (sample: environments run)
55012cc6da92a270fc438c3b37e413c4_JaffaCakes118.apk: android-9-x86, android-10-x64
PushPlugin.apk: android-9-x86, android-10-x64, android-11-x64
__xadsdk__remote__final__.apk: android-9-x86, android-10-x64, android-11-x64
andashi_service.apk: android-9-x86, android-10-x64, android-11-x64
gdtadv2.apk: android-9-x86, android-10-x64, android-11-x64
hideapi_hook.apk: android-9-x86, android-10-x64, android-11-x64
General
Target: 55012cc6da92a270fc438c3b37e413c4_JaffaCakes118
Size: 8.6MB
Sample: 240518-q1s33sec69
MD5: 55012cc6da92a270fc438c3b37e413c4
SHA1: 4eb85ddc5df71e65952716b4a920293ad9589224
SHA256: f395d92861fccb61737ab1f1a25bd556cc94699f86d5ed115b153bb387e6f0e0
SHA512: da3f104791fb9627aafcae4de1e99a9b2c8ab42eb18ce238b9bc584eb760c8e696e532c99ad127ab6f503d8eb7be3ee2fd9bb2cc7f0fcb44cc738463dad1c2b1
SSDEEP: 196608:YgB2JfPgLq8jbgRe0lVpWlTDUf3l3DMrNLC9dGm:YgclgL/bgzjmTDUMNmD
Static task
static1
Behavioral tasks (task: sample, resource)
behavioral1: 55012cc6da92a270fc438c3b37e413c4_JaffaCakes118.apk, android-x86-arm-20240514-en
behavioral2: 55012cc6da92a270fc438c3b37e413c4_JaffaCakes118.apk, android-x64-20240514-en
behavioral3: PushPlugin.apk, android-x86-arm-20240514-en
behavioral4: PushPlugin.apk, android-x64-20240514-en
behavioral5: PushPlugin.apk, android-x64-arm64-20240514-en
behavioral6: __xadsdk__remote__final__.apk, android-x86-arm-20240514-en
behavioral7: __xadsdk__remote__final__.apk, android-x64-20240514-en
behavioral8: __xadsdk__remote__final__.apk, android-x64-arm64-20240514-en
behavioral9: andashi_service.apk, android-x86-arm-20240514-en
behavioral10: andashi_service.apk, android-x64-20240514-en
behavioral11: andashi_service.apk, android-x64-arm64-20240514-en
behavioral12: gdtadv2.apk, android-x86-arm-20240514-en
behavioral13: gdtadv2.apk, android-x64-20240514-en
behavioral14: gdtadv2.apk, android-x64-arm64-20240514-en
behavioral15: hideapi_hook.apk, android-x86-arm-20240514-en
behavioral16: hideapi_hook.apk, android-x64-20240514-en
behavioral17: hideapi_hook.apk, android-x64-arm64-20240514-en
Malware Config
Targets
Target: 55012cc6da92a270fc438c3b37e413c4_JaffaCakes118
Size: 8.6MB
MD5: 55012cc6da92a270fc438c3b37e413c4
SHA1: 4eb85ddc5df71e65952716b4a920293ad9589224
SHA256: f395d92861fccb61737ab1f1a25bd556cc94699f86d5ed115b153bb387e6f0e0
SHA512: da3f104791fb9627aafcae4de1e99a9b2c8ab42eb18ce238b9bc584eb760c8e696e532c99ad127ab6f503d8eb7be3ee2fd9bb2cc7f0fcb44cc738463dad1c2b1
SSDEEP: 196608:YgB2JfPgLq8jbgRe0lVpWlTDUf3l3DMrNLC9dGm:YgclgL/bgzjmTDUMNmD
Signatures
- Makes use of the framework's foreground persistence service: the application may abuse the framework's foreground service to keep running in the foreground.
- Queries information about running processes on the device: the application may abuse the framework's APIs to collect information about running processes.
- Queries information about the current Wi-Fi connection: the application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- Queries information about nearby Wi-Fi networks: the application may abuse the framework's APIs to collect information about nearby Wi-Fi networks.
- Registers a broadcast receiver at runtime (usually to listen for system events).
- Checks whether an internet connection is available.
- Queries the unique device ID (IMEI, MEID, IMSI).
- Reads information about the phone network operator.
- Listens for changes in the sensor environment (may be used to detect emulation).
Target: PushPlugin.plugin
Size: 158KB
MD5: 0b1c22a5d5ebd04c6bd3808fea91dd3e
SHA1: cbe8fc95406b2b07fa64f3d5d114b57c1c119058
SHA256: 1f3c687ea7a1be6ba48caf6824310237e2bd0c6078288b19226df09c5d8f5166
SHA512: 5baae4bbebcf96162aca6c0c809b64d8d465735ec911baf4ebf982e3942700d6264ec01bf306846446a00054a63483b847811fe9f512081c9b2e2cf7fe30a134
SSDEEP: 3072:ePpADR6eoUflaI0JJFF4Rd/smOj86zj4AviazQ2ftXzL7UkkT9n6CVo1F50lbnb7:ePOgLOZAKd/smzS0g/Q2ftjL1kT9Lo1m
Score: 1/10

Target: __xadsdk__remote__final__.jar
Size: 83KB
MD5: 607e65052147713115dd87f0866d504c
SHA1: 5ff2a1c2ebedeb61236c56edfde6406828a05c6c
SHA256: fe2fe2810faab43ae935927bfde6faafb8c74532f760afbecff9585d4404e741
SHA512: 2bc7144ac0c6dfbcf097f778ee110405d9c58f4fc4901356c2cf2622d7a4f6b12ce30a51f168962a8c81fbab9c46a65c2b219633dd2a80cc345dbf255cebf2a1
SSDEEP: 1536:eKSS1UbomStT19s4G0/GZzgrF2nPOgfbexVK8RV+0XUv5VzUxwh3MPeUivu5iy:DSYsStT1ZT/ugrFsmgsHWzUxq3MPeUi8
Score: 1/10

Target: andashi_service.jar
Size: 5KB
MD5: 698ab7530be951c006c2cee52a074d0e
SHA1: 99d7e61a6d52d4114a7ed484ec71f17bbf0bf172
SHA256: 0fdd66997648d432a017b99e129faa7e50c9568902849cc8e26a1ff081ffb998
SHA512: 5ee3ab9c544c437c4b57b0d805d1c65bb6de85d59a74780da421772fe6f3f07c6a9b3dff626f5abbab331b96d9b362575654685872e682a0ad487dd04504a717
SSDEEP: 96:91TKogsufcYmnSYFH1JaLtccAiSu7uEzWwxoZtfgj2OJycL9cO1cxkK/r4cvweaM:9dKCnWjSu7uWqIxJ7raxj/yer
Score: 1/10

Target: gdtadv2.jar
Size: 99KB
MD5: 268ed763643b70cb46f7216f02f7033b
SHA1: 69077e226f5364f0e1d615a3a4c7724da37567e2
SHA256: 29e4237083b27e476bc26facf963e2468a39689e818e226c03245b71dfcdeacc
SHA512: 9787d3b3fd234541d22b213025e4cc0ddd72f4d733b08023d672d4c1b448e25302b0bb82545ae5e4666a9967ad694e3d331ee563a27a2c4be3c2ee789644de14
SSDEEP: 1536:puXANuU4FZsnJG0ohR0QYyLHGz2ax5sbXAniMjsvvYOA9MzDeNMAgnLiNri4LuWF:aUgiG0ocQLG5s7MQYZ+zmNriY
Score: 1/10

Target: hideapi_hook.jar
Size: 4KB
MD5: 955f0b11b1bc554df2dcd9f2bd601295
SHA1: 1659fed5f8cff1551becb68985cdb201cf03208f
SHA256: 5da278a5ce80e7c782d418c6f5bc54c146b1c2b4da382e1325b314701d659ebd
SHA512: d7f1689973c2aa19fad36162ee7a232451f506490c097d1608f399ca02487f770806b359af9108ff4af73e53a4874f8f2d2c096b38fee20ff2c4e123378f528f
SSDEEP: 96:EOHkVY2wdcFKYPXc1Xwbv8484/EV22Xnhcq8o9hTrvtN1XiFvi:EOH00uKYPcAbv848KEVnh8ovTjl8i
Score: 1/10
MITRE ATT&CK Mobile v15 (technique: number of matching signatures)
Persistence
Event Triggered Execution: Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Execution Guardrails: Geofencing (1)
Foreground Persistence (1)
Hide Artifacts: User Evasion (1)
Virtualization/Sandbox Evasion: System Checks (1)
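The signature list under the first target and the ATT&CK Mobile matrix above are both produced by matching the framework APIs the APK references against a rule set. As an added example (editor's code, not Triage's engine and not code from the sample), the Python below maps Dalvik method references, of the kind baksmali or androguard list from classes.dex, to the report's signature names and to the ATT&CK Mobile technique names the report shows. The API-to-signature pairings are the editor's assumptions modelled on the signature wording, the sample method references are constructed input, and where the report does not say which signature produced a technique (Geofencing, User Evasion) no mapping is claimed.

```python
import re

# Dalvik method-reference syntax, e.g.
#   Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
_METHOD_REF = re.compile(r"^L(?P<cls>[^;]+);->(?P<name>[^(]+)\(")

# (classes, methods, signature text as in the report, ATT&CK Mobile mapping or None).
# Editor's assumptions: these pairings are modelled on the report's signature names and the
# technique names it lists; they are not Triage's rule set.
_RULES = [
    (("android/app/Service",), ("startForeground",),
     "Makes use of the framework's foreground persistence service",
     "Persistence / Defense Evasion: Foreground Persistence"),
    # Since Android 5.1 this returns only the caller's own process for ordinary apps.
    (("android/app/ActivityManager",), ("getRunningAppProcesses",),
     "Queries information about running processes on the device", None),
    (("android/net/wifi/WifiManager",), ("getConnectionInfo",),
     "Queries information about the current Wi-Fi connection", None),
    (("android/net/wifi/WifiManager",), ("getScanResults",),
     "Queries information about nearby Wi-Fi networks", None),
    (("android/content/Context", "android/content/ContextWrapper"), ("registerReceiver",),
     "Registers a broadcast receiver at runtime (usually to listen for system events)",
     "Persistence: Event Triggered Execution: Broadcast Receivers"),
    (("android/net/ConnectivityManager",), ("getActiveNetworkInfo",),
     "Checks whether an internet connection is available", None),
    # Needs READ_PHONE_STATE; blocked for ordinary apps on Android 10 and later.
    (("android/telephony/TelephonyManager",),
     ("getDeviceId", "getImei", "getMeid", "getSubscriberId"),
     "Queries the unique device ID (IMEI, MEID, IMSI)", None),
    (("android/telephony/TelephonyManager",),
     ("getNetworkOperator", "getNetworkOperatorName", "getSimOperator"),
     "Reads information about the phone network operator", None),
    (("android/hardware/SensorManager",), ("registerListener",),
     "Listens for changes in the sensor environment (may be used to detect emulation)",
     "Defense Evasion: Virtualization/Sandbox Evasion: System Checks"),
]

# Flatten to a (class, method) -> (signature, technique) lookup.
LOOKUP = {
    (cls, name): (sig, technique)
    for classes, methods, sig, technique in _RULES
    for cls in classes
    for name in methods
}


def parse_method_ref(ref):
    """Return (class, method) for a Dalvik method reference, or None if it is not one."""
    m = _METHOD_REF.match(ref.strip())
    if m is None:
        return None
    return m.group("cls"), m.group("name")


def match_signatures(method_refs):
    """Map a list of method references to fired signatures with the references as evidence."""
    fired = {}
    for ref in method_refs:
        key = parse_method_ref(ref)
        if key is None or key not in LOOKUP:
            continue
        sig, technique = LOOKUP[key]
        entry = fired.setdefault(sig, {"technique": technique, "evidence": []})
        entry["evidence"].append(ref.strip())
    return fired


def attack_techniques(fired):
    """Distinct ATT&CK Mobile technique names behind the fired signatures, sorted."""
    return sorted({v["technique"] for v in fired.values() if v["technique"]})


# Constructed input (not extracted from the sample): the API references one would expect
# a DEX to contain for each of the nine signatures, plus one benign reference.
SAMPLE_REFS = [
    "Landroid/app/Service;->startForeground(ILandroid/app/Notification;)V",
    "Landroid/app/ActivityManager;->getRunningAppProcesses()Ljava/util/List;",
    "Landroid/net/wifi/WifiManager;->getConnectionInfo()Landroid/net/wifi/WifiInfo;",
    "Landroid/net/wifi/WifiManager;->getScanResults()Ljava/util/List;",
    "Landroid/content/Context;->registerReceiver(Landroid/content/BroadcastReceiver;"
    "Landroid/content/IntentFilter;)Landroid/content/Intent;",
    "Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;",
    "Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;",
    "Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;",
    "Landroid/telephony/TelephonyManager;->getNetworkOperatorName()Ljava/lang/String;",
    "Landroid/hardware/SensorManager;->registerListener(Landroid/hardware/SensorEventListener;"
    "Landroid/hardware/Sensor;I)Z",
    "Ljava/lang/String;->length()I",
]

if __name__ == "__main__":
    result = match_signatures(SAMPLE_REFS)
    for sig, info in result.items():
        print(f"{sig}  [{info['technique'] or 'no ATT&CK mapping'}]")
        for ref in info["evidence"]:
            print(f"    {ref}")
    print("ATT&CK Mobile:", attack_techniques(result))
```

A static signature like this only proves the API is referenced, not that the code path runs; that is why the report pairs the static task with seventeen behavioral runs, and why the embedded plugin JARs still score 1/10 despite being loaded by the same host.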