General
-
Target
6d09b0cc1aa7dac869bb1873f550765e_JaffaCakes118
-
Size
11.5MB
-
Sample
240524-cpkqnshg82
-
MD5
6d09b0cc1aa7dac869bb1873f550765e
-
SHA1
e343d031b2c1403a31adef3d6a0f5e618fd514cc
-
SHA256
61aec9c3a1c40ae11c09f76dfa4434edf73401eaf008c81a0f859d51593d0cb7
-
SHA512
9b92bd1227238b5f615664b564285454d8a1beda1738e7a0ed265bad137e83a8ce1f634b6068793ac1f8da8bbe6cf2ed0a50a7595be6d0ba49643dfe90f64a3c
-
SSDEEP
196608:SZWwOqAepW1oKk53fbqphoNReSYrvnxb757BXGjnHHkp3khxuntw5Kh6ZNZsdeEI:SZY1eH5Pbqw/A1P/XqnHHXrutw5K8ZAU
Static task
static1
Behavioral task
behavioral1
Sample
6d09b0cc1aa7dac869bb1873f550765e_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Malware Config
Targets
-
-
Target
6d09b0cc1aa7dac869bb1873f550765e_JaffaCakes118
-
Size
11.5MB
-
MD5
6d09b0cc1aa7dac869bb1873f550765e
-
SHA1
e343d031b2c1403a31adef3d6a0f5e618fd514cc
-
SHA256
61aec9c3a1c40ae11c09f76dfa4434edf73401eaf008c81a0f859d51593d0cb7
-
SHA512
9b92bd1227238b5f615664b564285454d8a1beda1738e7a0ed265bad137e83a8ce1f634b6068793ac1f8da8bbe6cf2ed0a50a7595be6d0ba49643dfe90f64a3c
-
SSDEEP
196608:SZWwOqAepW1oKk53fbqphoNReSYrvnxb757BXGjnHHkp3khxuntw5Kh6ZNZsdeEI:SZY1eH5Pbqw/A1P/XqnHHXrutw5K8ZAU
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2