General
-
Target
56c181cf11d792995c997dfab5e16a3a_JaffaCakes118
-
Size
27.8MB
-
Sample
240518-zr5j7afb8t
-
MD5
56c181cf11d792995c997dfab5e16a3a
-
SHA1
982b85bc4f2ff526fc22fc1cfa162f30069ae13c
-
SHA256
ffd04aef0cae58ef118fac757f018e9eb8449a72ff68dc3ecca3dddb6bd07ec3
-
SHA512
576ecb6bfd87aa1353b60562df8e57f85a481a945d94cbe0a821c7bcd80a9ab0d16ac469699efb0e9afba083eecf1f7216e2b24d770aed02969d5bec6e8082ac
-
SSDEEP
786432:/eO87hrTI78TpYckA9DKXDCvoo7+IRvwF/iAg7e3C1Mj:P81QCpYckmuCCIGF/A7m
Static task
static1
Behavioral task
behavioral1
Sample
56c181cf11d792995c997dfab5e16a3a_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
360sdk_1_2148.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
360sdk_3_1000.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
360sdk_3_1000.apk
Resource
android-x64-20240514-en
Malware Config
Targets
-
-
Target
56c181cf11d792995c997dfab5e16a3a_JaffaCakes118
-
Checks if the Android device is rooted.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
360sdk_1_2148.zip
-
Size
5.6MB
-
MD5
207987a30203cbaea48a8df80f920500
-
SHA1
69312ab6e46753ef2fd903616828914003b70435
-
SHA256
daf9d4954c750da740e3ede04a627b6607e532d36babf4d86bdd23b8fa1931b0
-
SHA512
ab110eaf1afa77c11ee22f6bbf7039e7fa9adaf93eaa4bdc735fa878f247977b3fd9747d9742ae3d1902edd3cd2468ade4d14449d4b40d77fc06625d12db51fb
-
SSDEEP
98304:YQ/Dn09Lvk3q2Xu2fpFc1nFBFgU2rZ1kpswCz/y3zgyg/clh7jAfSgx7hSva/FmV:f/T09Lvk3y2fqFvik7Cz/yUohnuSW7hQ
-
Score
7/10
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
-
-
Target
360sdk_3_1000.zip
-
Size
1.7MB
-
MD5
1e9aa09b41624c4ab3dfa530fd1078e9
-
SHA1
32896aa59fd6f1509f4f46ec4eebb496658f91aa
-
SHA256
fdd2ac00ca6342d0ad1a684ab5ff6e683b2b56891ae08e6a16578892977e50b7
-
SHA512
9ec9ffacd3db5ab686eed1f68ea8f466030301cebb510ec3a9f3ffb6dc94277d4afba85a92bf7c3679c3fd6ecedad486fdc07adb152a77ec4ddce9dd943d40f5
-
SSDEEP
49152:ktqW6lW3LwyQmpkUTtjB0osrxHwD7lKHN:6qW6CLwQp/TT8rx6KHN
-
Score
7/10
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Scheduled Task/Job (1)
Defense Evasion
Execution Guardrails (1)
Geofencing (1)
Hide Artifacts (1)
User Evasion (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)