General
-
Target
67c29ed1b4de1de470e653e0b518c10a_JaffaCakes118
-
Size
23.8MB
-
Sample
240522-s32t4sgb2x
-
MD5
67c29ed1b4de1de470e653e0b518c10a
-
SHA1
c66156e5e13a8f9b4c421e262ae342a22d8bae6d
-
SHA256
30712b835d5b46951fc7b767ba1aebf4d3a674b0fb23fcb2b0f885989e733fca
-
SHA512
2c1a30750f9395f3768722d1e3090774441837c6ab11972f21f5fdd51c019d916e53d11c98c7af955a0db8c1386506a20c3c88a7e3a2b56d98e438ee99521d40
-
SSDEEP
393216:e+doTdH2dVWBYGuIVzSRo8C/Nn/a/CxD41sk6C4PCjYohRA425k0gO/8EU:eTdWdMyASE/N/2CxDu6zPC7R85/q
Static task
static1
Behavioral task
behavioral1
Sample
67c29ed1b4de1de470e653e0b518c10a_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
com.qiyi.traffic.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral3
Sample
com.qiyi.traffic.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral4
Sample
com.qiyi.traffic.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
Target
67c29ed1b4de1de470e653e0b518c10a_JaffaCakes118
-
Score
8/10
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks Qemu related system properties.
Checks for Android system properties related to Qemu for Emulator detection.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Reads the content of photos stored on the user's device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
Target
com.qiyi.traffic.apk
-
Size
127KB
-
MD5
e479c7d3e8f09c25b8cec91869161c39
-
SHA1
745abb49bb422bfc765adacaeb2d3639c02656e7
-
SHA256
26287e36dcb2ace00a7799f7ccefde9f2304560dcdd7f30a32527caf84adaee1
-
SHA512
e187bd459de9b566331f61cb3964077a07b5c5fb2cceeff6f134ef332b46a4db8a290c8383d62f2a6d2259db800d07ac9f8f3569aa04550d62f1781417ad50bb
-
SSDEEP
3072:md41tV8pw8td03OHhPUP+GU0M3E2RNR9OV3KiuL7ex:Op7OqhMrCn/X23R
Score
1/10