General
-
Target
6d04af25e1e9b7336d2e57afbd62b999_JaffaCakes118
-
Size
15.2MB
-
Sample
240524-chdnsahd71
-
MD5
6d04af25e1e9b7336d2e57afbd62b999
-
SHA1
37750e7a23b0fe3c3e876c1898c456d6b525da3f
-
SHA256
1e8067ef7f6fce35184e7898724222374567f0f468edcff1d25e7636e0fb2528
-
SHA512
1091b69b459446691b74979eeebf3118685296097b214989a05d6edca7c390019a241c63cd9563aeb69f9f2f20986acbb8f4385f7a02ca9d12938ab84a510042
-
SSDEEP
393216:AS4kiviQJ95v4e751utE02uck8x3q1Nm/g4E6C:9/Qb75eETuc3x61A/gx
Static task
static1
Behavioral task
behavioral1
Sample
6d04af25e1e9b7336d2e57afbd62b999_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
6d04af25e1e9b7336d2e57afbd62b999_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
LibMemoryLeakMonitor.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
LibMemoryLeakMonitor.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
LibMemoryLeakMonitor.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
Target
6d04af25e1e9b7336d2e57afbd62b999_JaffaCakes118
-
Score
8/10
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
Target
LibMemoryLeakMonitor.apk
-
Size
162KB
-
MD5
1b72a34568e446a2c0d9cc6ca5c075d4
-
SHA1
d5ef6d52d2c377d3e06de0ba36d0ab076b873ab0
-
SHA256
a5d922b6773073d9c7600305ed9857f73d782f3bd8a52b4b2e5f1ab6ce172fe5
-
SHA512
26cc1d82118702c09b7e3535eca0a65f4a3bca7dcccf0bd12e738d33259cfe7b5d67d2c33fb7a9b751930e09af786be2dfe9e5507aed39c6ea4f6a396d2159ab
-
SSDEEP
3072:9ytCcMeJ3WUz3UDxvdpldyb1cEzUFVAvPoNLNWw7R8tEIsy+9kOueDY1eZuUycYm:9uCcMebz36HybCEzfXoNww6sJ6OBYyu2
Score
1/10
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1
Geofencing
1
Hide Artifacts
1
User Evasion
1
Virtualization/Sandbox Evasion
1
System Checks
1