General
-
Target
66dadc1d34d399725a6ef5105aa19ea7_JaffaCakes118
-
Size
15.6MB
-
Sample
240522-lv4v6sbb91
-
MD5
66dadc1d34d399725a6ef5105aa19ea7
-
SHA1
b5fbdec2465c90e4677a647509ab2e00806b03cd
-
SHA256
2ee5d631fba4f70586a7a95381af68048176f2f5f411d28ca459b1afcfc7eef0
-
SHA512
eef4173eb2b75080b11bbfafd2aba48086c95ecfb27ac1129437467f69bd89c6fe4123413e86fc26720a9e48731e4ad8d1e7a5d55be7331be2f73cfc4cff252a
-
SSDEEP
393216:pPS3K0hIuThmRaSoBBuVlXTxeTLxaB2p1REjWBWC:pEK+bmYS+UkcB2nRgJC
Static task
static1
Behavioral task
behavioral1
Sample
66dadc1d34d399725a6ef5105aa19ea7_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
66dadc1d34d399725a6ef5105aa19ea7_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
chargelocal.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
chargelocal.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
chargelocal.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
66dadc1d34d399725a6ef5105aa19ea7_JaffaCakes118
-
Size
15.6MB
-
MD5
66dadc1d34d399725a6ef5105aa19ea7
-
SHA1
b5fbdec2465c90e4677a647509ab2e00806b03cd
-
SHA256
2ee5d631fba4f70586a7a95381af68048176f2f5f411d28ca459b1afcfc7eef0
-
SHA512
eef4173eb2b75080b11bbfafd2aba48086c95ecfb27ac1129437467f69bd89c6fe4123413e86fc26720a9e48731e4ad8d1e7a5d55be7331be2f73cfc4cff252a
-
SSDEEP
393216:pPS3K0hIuThmRaSoBBuVlXTxeTLxaB2p1REjWBWC:pEK+bmYS+UkcB2nRgJC
-
Checks if the Android device is rooted.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
-
-
Target
chargelocal
-
Size
1.1MB
-
MD5
704b581ff928e7a1c998fa6c98c0b3ae
-
SHA1
c862400ae30e318ae3028f3dee5f7b52c19e23ff
-
SHA256
123398dbbe734a4a602e5f2172eba1c7ad3a015260620acc812bbbd10915ed6c
-
SHA512
fddaa3356b23f7a6353ed2e55418143fb2412ea4b825d0d2ab9d6a15d50fab446332991fb3b2fa04542f8962ade82714708381dbfb612f44ccd109458b81ea49
-
SSDEEP
24576:y9DjyzaxIBx8ZJpcAjPrG9dpNayTG2NdY5VJ2ZTqOXJRQ9SvfGCv:m3pDpvzGz0weO5RQ9SvfGm
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
Process Discovery
1Software Discovery
1Security Software Discovery
1System Information Discovery
3System Network Configuration Discovery
3System Network Connections Discovery
1