General
-
Target
65a8d1093c3ee36dc03a5a4a7e34e2af_JaffaCakes118
-
Size
3.4MB
-
Sample
240522-cpp1dshb22
-
MD5
65a8d1093c3ee36dc03a5a4a7e34e2af
-
SHA1
8250b36bfbdca79c0f7ffb57984624a1296c1964
-
SHA256
6efad4dd8b7cc6cbae55b82e43bd2e58ae3735b83bcdbbb38fb1914599b5119a
-
SHA512
e0e59a0a35f3c3c8526dedbd3ec22c8ffed0014c223b416dd95bd1f0a519e725d558d40d90ed485b41fb057fb2c39345ae341306457d6a91d1668b4c501f69c5
-
SSDEEP
98304:GFGrWtKmV8XpTEhycjyx5PYFGSygPBm/Y:druKm2XW0cWvgAcmg
Static task
static1
Behavioral task
behavioral1
Sample
65a8d1093c3ee36dc03a5a4a7e34e2af_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
65a8d1093c3ee36dc03a5a4a7e34e2af_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
65a8d1093c3ee36dc03a5a4a7e34e2af_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
65a8d1093c3ee36dc03a5a4a7e34e2af_JaffaCakes118
-
Size
3.4MB
-
MD5
65a8d1093c3ee36dc03a5a4a7e34e2af
-
SHA1
8250b36bfbdca79c0f7ffb57984624a1296c1964
-
SHA256
6efad4dd8b7cc6cbae55b82e43bd2e58ae3735b83bcdbbb38fb1914599b5119a
-
SHA512
e0e59a0a35f3c3c8526dedbd3ec22c8ffed0014c223b416dd95bd1f0a519e725d558d40d90ed485b41fb057fb2c39345ae341306457d6a91d1668b4c501f69c5
-
SSDEEP
98304:GFGrWtKmV8XpTEhycjyx5PYFGSygPBm/Y:druKm2XW0cWvgAcmg
Score8/10-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-