General
-
Target
63b63ee21d966bc71663fbea3aa118c2_JaffaCakes118
-
Size
11.8MB
-
Sample
240521-sdx5mahh8v
-
MD5
63b63ee21d966bc71663fbea3aa118c2
-
SHA1
e98ebfd5ca33f46e43666d57ccfdf35c51f88618
-
SHA256
8cdcf3004d53aabc3e7ba23b2d4cab986328bff234471886953702656ca6a80b
-
SHA512
0c7e73c52bc2f65dd3d818fddfca5f6125601912d69c2d6c478fc3c2d5f348016d3bbab00d33f574e524d7db88b36a3ab3908a06f6f9b31058c0ef346b0f2bfe
-
SSDEEP
196608:oHFHWH8c8wfpznpzuM+IjkpHVL8A74W39zgbf0KJ9wqnP4FgoT7/EwsM46kfAy:CB86wfpznpzPNkpHV5cWtzuzGqnjoMMa
Static task
static1
Behavioral task
behavioral1
Sample
63b63ee21d966bc71663fbea3aa118c2_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
63b63ee21d966bc71663fbea3aa118c2_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
63b63ee21d966bc71663fbea3aa118c2_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
mimo_asset.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral5
Sample
mimo_asset.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral6
Sample
mimo_asset.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
Target
63b63ee21d966bc71663fbea3aa118c2_JaffaCakes118
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Requests dangerous framework permissions
-
Checks the presence of a debugger
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
Target
mimo_asset.apk
-
Size
397KB
-
MD5
015b93140e10348bac8bbe9c1cd26e55
-
SHA1
96f545739c8ae213c5afbc97e1bca4ef0346a100
-
SHA256
1891f588d5d58f90ce8ee77afc968279aef9011470ac5a172ae3066093e4a0ba
-
SHA512
351b4fdac4cd30a81c5ae593583c7412aa931632e3fcc20062fb13c8d06c3e286bc8e8468d6d2fb753b0cf12d21e3614db38ddbc502cf0c8de1b1abfd4f6a055
-
SSDEEP
6144:z2TyBIPqGJXEmSogt05H3PgADV+aFSs36m+z110g+NrQwDEjAQ8wgKtiLnkt:z7BIiS0OpH/trcsqmU10g+LDEG5KOkt
-
Score
1/10