General
-
Target
670b1c2e47887865cb3617fd064f02d7_JaffaCakes118
-
Size
15.6MB
-
Sample
240522-m62evsce69
-
MD5
670b1c2e47887865cb3617fd064f02d7
-
SHA1
f0e07cae076e2c3662b123b238512d3fe202aa31
-
SHA256
41adf0d6eae407ffc1fed9a4f3f7b6771f3c437721c6a2a9d62237b54b9c5483
-
SHA512
a5caab32933fbc9e1d0695fee61e3c22495cb5fa111df1198f8010ca49d881cf7e153afbfa2ca7f305add7988bbde573224ebecc7605f35e9904e66c8af88219
-
SSDEEP
393216:AT8ZTMAYm/KfPBlClOg2I4XH18fBLmDW6F1W9L7x2DtYNAp:AuMAYuorOxyXVgk1W7fu
Static task
static1
Behavioral task
behavioral1
Sample
670b1c2e47887865cb3617fd064f02d7_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Malware Config
Targets
-
-
Target
670b1c2e47887865cb3617fd064f02d7_JaffaCakes118
-
Size
15.6MB
-
MD5
670b1c2e47887865cb3617fd064f02d7
-
SHA1
f0e07cae076e2c3662b123b238512d3fe202aa31
-
SHA256
41adf0d6eae407ffc1fed9a4f3f7b6771f3c437721c6a2a9d62237b54b9c5483
-
SHA512
a5caab32933fbc9e1d0695fee61e3c22495cb5fa111df1198f8010ca49d881cf7e153afbfa2ca7f305add7988bbde573224ebecc7605f35e9904e66c8af88219
-
SSDEEP
393216:AT8ZTMAYm/KfPBlClOg2I4XH18fBLmDW6F1W9L7x2DtYNAp:AuMAYuorOxyXVgk1W7fu
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-