General
Target: 6cdcf39fbbbf988a848e725b5186223a_JaffaCakes118
Size: 10.7MB
Sample: 240524-bejvysfe6t
MD5: 6cdcf39fbbbf988a848e725b5186223a
SHA1: d0f13f2b444dd9c7f8c2fb41d506e8d17fe94ccf
SHA256: af82f5e051e2b62b80630ff87fe3e5743d19926031b53165baf2dd8de0687471
SHA512: 8d7b804651e78a1889c233fe63eca8f9a1942e1d2ea778bc4d947affea1a4521e0e1e5c924bb92656f292a9b18803b6fd5f46b7d64bf1bc42c8b1283e3b109f5
SSDEEP: 196608:8P4hqfJHA37R5rE+1SeoQnnNoIC3zcaiQq2LmfJo5Lzi09:kfJgrb/SeoQn+IP2L6uJzi09
Static task: static1
Behavioral task: behavioral1
  Sample: 6cdcf39fbbbf988a848e725b5186223a_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: autonavi_Resource1_1_0.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral3
  Sample: autonavi_Resource1_1_0.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral4
  Sample: autonavi_Resource1_1_0.apk
  Resource: android-x64-arm64-20240514-en
Malware Config
Targets
Target: 6cdcf39fbbbf988a848e725b5186223a_JaffaCakes118
- Checks if the Android device is rooted.
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- Queries information about the current nearby Wi-Fi networks
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Reads information about phone network operator.
- Checks the presence of a debugger
Target: autonavi_Resource1_1_0.png
Size: 318KB
MD5: ba63c2effb3dc142c4741a94b11a0b8e
SHA1: 836c9a2ea7113003fd4bcc9af3bfb1f77b36a568
SHA256: 1ddc70654b3299ccd2d59a7b9d0b687eb59d3c3db524a4b7ba5f7e572ef56377
SHA512: c633c9e0fcad129ba2aa5279e4cff96a6520f51b6f5240ab6a06f9b8ef85541746cabce4836ed57cfa43b1d0412b6d099fa9a75904157de4225bed7f661ec5c0
SSDEEP: 6144:RpoNJGrdQSHWEGSLHBRzu6qCpLWb0P2tC78/DYDGyXGMlXY4Q6w0:RpoNJGhvhlzu6qIP2tyzGyXGMlo4Q6w0
Score: 1/10
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution: 1
- Broadcast Receivers: 1
- Foreground Persistence: 1
Defense Evasion
- Execution Guardrails: 1
- Geofencing: 1
- Foreground Persistence: 1
- Virtualization/Sandbox Evasion: 2
- System Checks: 2