General
-
Target
5554d0033eb4e812d2e8b462c31cdadc_JaffaCakes118
-
Size
30.8MB
-
Sample
240518-se329sha91
-
MD5
5554d0033eb4e812d2e8b462c31cdadc
-
SHA1
df92a154622eea9c15850903800b78004d1ee235
-
SHA256
6587adb954dc41a2fd6f30e89551879063b850c6ce3109400cc9095ef7f85b5c
-
SHA512
47f5a2c85e7c9cb28836a6eb5c1e090c997ee9dd9ee50468234349da8b75609ead6bb6f122e888d7a7d5c4ec39c3fcd773ba7f8e327503486bea5ff92aeaebb9
-
SSDEEP
786432:bX4cwEemSnbATJMvSLkfMWviCHzfyS3HWUQGZi2QUCXFGQG98yl6Hh:bX4nEMbWJMaLkZHzfp3HWOZiVUXduylm
Static task
static1
Behavioral task
behavioral1
Sample
5554d0033eb4e812d2e8b462c31cdadc_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
5554d0033eb4e812d2e8b462c31cdadc_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
VchengAndroidPhonePayCore.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
VchengAndroidPhonePayCore.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
VchengAndroidPhonePayCore.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
Target
5554d0033eb4e812d2e8b462c31cdadc_JaffaCakes118
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Requests dangerous framework permissions
-
Target
VchengAndroidPhonePayCore.apk
-
Size
96KB
-
MD5
27b7e33ec21c57306674c30f9adc5ec3
-
SHA1
12b29f0c9fb7ddc7f413d18d42e29676338fc757
-
SHA256
11683d681178f1874aa6e30fe3cfe85c34347275659b15a939f9cd7916b1d6c1
-
SHA512
1e5dc38e9ef028b38a89c439c1efee84d5fb22c3fc94d8d015c1eb7f35be41d2c69adb8e8b7b9d8f549d6b1681f4315d1a242b1d4b2c116971fd85e2fa1fc838
-
SSDEEP
1536:Xxp6sQNA8rKuTEBF6zoXXYeuyJzjkW3UXwpaRGt97MgFtSSs0ESC6Rm1PgOW:Bp6sgzob3wwPvsSwYD
Score
1/10
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime (1)
Execution Guardrails (1)
Geofencing (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)