General
-
Target
6ef3ec9f552a4225c2fc3a861b876f04_JaffaCakes118
-
Size
2.5MB
-
Sample
240524-spd6wsac9w
-
MD5
6ef3ec9f552a4225c2fc3a861b876f04
-
SHA1
e9adbcfdf6fec79ae03da4052d8e55b019ffef37
-
SHA256
0dc474a1488e06f13fcb75759006b073b0d58f9617f51e5e851f1545476a6b66
-
SHA512
178101023781c6fe7d8b9be0b49b84a4089b7741cd60e6be9a350489faf07a5da03b1e2f05afc23ab8e0dc43d7f86aa519f0c7d58e5b97bf198338c6c41173a4
-
SSDEEP
49152:zhI608Vq0rEpZwN9C5oUUD9NzT/76v2rDJwAJ9cNDqS5m:qh8Vq0rEp+N9CiU49s2JwAJ92qSs
Static task
static1
Behavioral task
behavioral1
Sample
6ef3ec9f552a4225c2fc3a861b876f04_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
6ef3ec9f552a4225c2fc3a861b876f04_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
6ef3ec9f552a4225c2fc3a861b876f04_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
6ef3ec9f552a4225c2fc3a861b876f04_JaffaCakes118
-
Size
2.5MB
-
MD5
6ef3ec9f552a4225c2fc3a861b876f04
-
SHA1
e9adbcfdf6fec79ae03da4052d8e55b019ffef37
-
SHA256
0dc474a1488e06f13fcb75759006b073b0d58f9617f51e5e851f1545476a6b66
-
SHA512
178101023781c6fe7d8b9be0b49b84a4089b7741cd60e6be9a350489faf07a5da03b1e2f05afc23ab8e0dc43d7f86aa519f0c7d58e5b97bf198338c6c41173a4
-
SSDEEP
49152:zhI608Vq0rEpZwN9C5oUUD9NzT/76v2rDJwAJ9cNDqS5m:qh8Vq0rEp+N9CiU49s2JwAJ92qSs
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-