General
-
Target
5a5c46a117f86dcf5560510112529ec2_JaffaCakes118
-
Size
450KB
-
Sample
240519-t2nfrsfg3s
-
MD5
5a5c46a117f86dcf5560510112529ec2
-
SHA1
552f60e0b467dcdfc9a58a84148481f70cd26ecd
-
SHA256
5bb4a96e789e271d0abad7fd2e95171bbeabfca0a1f25ca83d3ee8fa192c019a
-
SHA512
6ef3a494f083ac2a279a1e12f031fde7f3b247b8acfe2abf8c6e6ec35badb4967408f13f44bc6f715907a3a16176fa21171c1293164776ac8b2200759fb69a7f
-
SSDEEP
12288:r5/MH77kH3Cj3xzYKvMrL1VOR4mE4CNv9vk69N:xMb4HWdvMrJVORSz153
Static task
static1
Behavioral task
behavioral1
Sample
5a5c46a117f86dcf5560510112529ec2_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
5a5c46a117f86dcf5560510112529ec2_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
5a5c46a117f86dcf5560510112529ec2_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
5a5c46a117f86dcf5560510112529ec2_JaffaCakes118
-
Size
450KB
-
MD5
5a5c46a117f86dcf5560510112529ec2
-
SHA1
552f60e0b467dcdfc9a58a84148481f70cd26ecd
-
SHA256
5bb4a96e789e271d0abad7fd2e95171bbeabfca0a1f25ca83d3ee8fa192c019a
-
SHA512
6ef3a494f083ac2a279a1e12f031fde7f3b247b8acfe2abf8c6e6ec35badb4967408f13f44bc6f715907a3a16176fa21171c1293164776ac8b2200759fb69a7f
-
SSDEEP
12288:r5/MH77kH3Cj3xzYKvMrL1VOR4mE4CNv9vk69N:xMb4HWdvMrJVORSz153
-
XLoader payload
-
Checks if the Android device is rooted.
-
Requests changing the default SMS application.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
2Suppress Application Icon
1User Evasion
1