General
-
Target
664a42ac03c3460209e52dd8d5025873_JaffaCakes118
-
Size
5.9MB
-
Sample
240522-g2nqbaeg29
-
MD5
664a42ac03c3460209e52dd8d5025873
-
SHA1
2bd16c956d809dcf760452ce88bad13f93383aab
-
SHA256
b941a37d8cb6090c701d91d2157c5e59875a584989aaf23bb21a61b77702417a
-
SHA512
4ff0026fdff0883a4444061e0c9b1795e7958bfff36809d07dfb4c3a2cdabbea055e4727922decb7d9e388ae00c7871e3c13f9a91c5f9031e9b3af899f0f2ee3
-
SSDEEP
98304:YDna6nXDEWn/urXc3Mv2vIvZCu+GlirgkV9oVr9W2Arfo2sh56kRm3yPnC:YTTnmrM3uiqsbGlKVKXg7G6oUj
Static task
static1
Behavioral task
behavioral1
Sample
664a42ac03c3460209e52dd8d5025873_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
664a42ac03c3460209e52dd8d5025873_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
664a42ac03c3460209e52dd8d5025873_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
664a42ac03c3460209e52dd8d5025873_JaffaCakes118
-
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-