General
-
Target
685f159a2f88f7ac27b1c8b7fe31bdb7_JaffaCakes118
-
Size
30.9MB
-
Sample
240522-x9ltpadg6y
-
MD5
685f159a2f88f7ac27b1c8b7fe31bdb7
-
SHA1
05bb586d16cf595bd00c2c398ba83717670a918e
-
SHA256
d8c1d2d6e931f2af2235fafccc530a245b86ce7387d4e9321c8a57818644ae42
-
SHA512
4ef0927a3b84dda9c9e1e6d795667aa0810ca8935412021d48eeb260167b9ea298a3ad575b3c0808218386cdb4425e4177cc47178a0e5a369bef0b9283d25394
-
SSDEEP
786432:iaeDkxgxlnpZGLqbM6NXlT/LVoEoqoBo/boZ:jegxcYObzDT/LGJfy0Z
Static task
static1
Behavioral task
behavioral1
Sample
685f159a2f88f7ac27b1c8b7fe31bdb7_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
685f159a2f88f7ac27b1c8b7fe31bdb7_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
685f159a2f88f7ac27b1c8b7fe31bdb7_JaffaCakes118
-
Size
30.9MB
-
MD5
685f159a2f88f7ac27b1c8b7fe31bdb7
-
SHA1
05bb586d16cf595bd00c2c398ba83717670a918e
-
SHA256
d8c1d2d6e931f2af2235fafccc530a245b86ce7387d4e9321c8a57818644ae42
-
SHA512
4ef0927a3b84dda9c9e1e6d795667aa0810ca8935412021d48eeb260167b9ea298a3ad575b3c0808218386cdb4425e4177cc47178a0e5a369bef0b9283d25394
-
SSDEEP
786432:iaeDkxgxlnpZGLqbM6NXlT/LVoEoqoBo/boZ:jegxcYObzDT/LGJfy0Z
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-