General
-
Target
556467dc3cdf1da05bf190c48bac39f5_JaffaCakes118
-
Size
30.6MB
-
Sample
240518-spk97shg59
-
MD5
556467dc3cdf1da05bf190c48bac39f5
-
SHA1
52704f2bb804f947a870320f20df077ec1008cdb
-
SHA256
e8355a1fa431a5813275d7aa5a07d9f700e44a6d9d235012c457acef31712526
-
SHA512
23e4dc5952476fdd37718f2a4f6e13cbe9c69360cb30f95e7f851f2311be873ffad3cb3288a22bbd76bfd64a7bedf9061d9cd1663806d8771644e8d2a5cdb7ee
-
SSDEEP
786432:zOaSY7aRtEcEHIkfS3vVNexv/+7tcKKpMWLReAY/DzdWu:6aSY7ItEctBvvO/+7OK+LReT/v5
Behavioral task
behavioral1
Sample
556467dc3cdf1da05bf190c48bac39f5_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
556467dc3cdf1da05bf190c48bac39f5_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
amap_resource1_0_0.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
amap_resource1_0_0.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
amap_resource1_0_0.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
556467dc3cdf1da05bf190c48bac39f5_JaffaCakes118
-
Size
30.6MB
-
MD5
556467dc3cdf1da05bf190c48bac39f5
-
SHA1
52704f2bb804f947a870320f20df077ec1008cdb
-
SHA256
e8355a1fa431a5813275d7aa5a07d9f700e44a6d9d235012c457acef31712526
-
SHA512
23e4dc5952476fdd37718f2a4f6e13cbe9c69360cb30f95e7f851f2311be873ffad3cb3288a22bbd76bfd64a7bedf9061d9cd1663806d8771644e8d2a5cdb7ee
-
SSDEEP
786432:zOaSY7aRtEcEHIkfS3vVNexv/+7tcKKpMWLReAY/DzdWu:6aSY7ItEctBvvO/+7OK+LReT/v5
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
amap_resource1_0_0.png
-
Size
24KB
-
MD5
94a2a5f84a3fd6f0fd9134708ae1b81e
-
SHA1
1e21afaa48ed86cb31aaf7b17c3514315364cc99
-
SHA256
fc0c21884d4edfa4d93282139a309f204b27271a111a5b158edbc048f730b461
-
SHA512
24a175d15cb5cf8d23f0d53b004ed5c9a47646129c816fcae1b46aedabd95bb2c6dd2958d39d6f98f36dec3cd55d6af2d9b8f7013ced4b37a30db566e9a44923
-
SSDEEP
384:SevEWnTSCwukBdJ4dVCHyP7MPi3oqYXgnJk:3vEWnSue4+Sf3opQa
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
2System Checks
2