General
-
Target
67f94adcfc778a2e2b3c8e8fb6b5e13e_JaffaCakes118
-
Size
3.3MB
-
Sample
240522-vlbygahh59
-
MD5
67f94adcfc778a2e2b3c8e8fb6b5e13e
-
SHA1
c1712535383bc345d23c374f38cd454616dbcd34
-
SHA256
edd2463f6c9cff6d2b2c3e996eb298ffc7874f907898ccec048ae7666538c65d
-
SHA512
6ed1571f2b61bc86a9f1de1f443d877083e57ba87d70b888bf5ad14364a62cfa35b6f2e3d556ebc292e3317123d13483a1a05c6c1efaedc1ddf3bfe3663dad9a
-
SSDEEP
98304:RohWAo3eZru6tvBsYrcnfRrxgzKnUTxWohL/BH2OtywXF3oyVAoVgIU:RogneZS6BBrcnfRrxgmnQzR+
Static task
static1
Behavioral task
behavioral1
Sample
67f94adcfc778a2e2b3c8e8fb6b5e13e_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
67f94adcfc778a2e2b3c8e8fb6b5e13e_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
67f94adcfc778a2e2b3c8e8fb6b5e13e_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
Target
67f94adcfc778a2e2b3c8e8fb6b5e13e_JaffaCakes118
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-