General
-
Target
69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118
-
Size
2.4MB
-
Sample
240523-fxhstseh6t
-
MD5
69d8b0920e9b67aa2f6e9018552aa398
-
SHA1
c3585e66eff2c55c42480eade197312bc3a7c061
-
SHA256
e61a597fe75a422642686ed93d88111f972d65cf4a05d648e5d479677e58a123
-
SHA512
6d4efb150986946673dd4a7b05e38ab614fc50ccb2ce4edab81388fc9017f7ff5e05e771b18ab8633c5adb1299c40f82dae821677c51f4a150241ea0f76d1476
-
SSDEEP
49152:Ud2ZpfP/+6plv5L7MuUWL/IF+g6Rf8+cHqyi1tqmx1sahZkLDGZYrYWow:Jb3/rplxCWx5bcd8t5xWIZkLD2Wow
Static task
static1
Behavioral task
behavioral1
Sample
69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
69d8b0920e9b67aa2f6e9018552aa398_JaffaCakes118
Score
8/10
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-