General
-
Target
6b1527e8faac12a1d1633d82d2a618d2_JaffaCakes118
-
Size
263KB
-
Sample
240524-z3qv6sbc3z
-
MD5
6b1527e8faac12a1d1633d82d2a618d2
-
SHA1
68c36b4ed4f9afb168d3fc69e840b14e44853826
-
SHA256
d3dfa26905108cb7239d74c17ad7b326cd9c603febb512deca55435bea7dc88d
-
SHA512
b9e8ff0ddcb5bed5b1ef8c376205c7264e89612ccb6884f34b7d3d7bf1962e0f9f7c1164fa4d0d7d5fab1af078a99a6b1dca543ac792b869ec7565863d3a9e35
-
SSDEEP
6144:XPNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fN7:Ni6tQIwsBFa/IvcR9U7
Static task
static1
Behavioral task
behavioral1
Sample
6b1527e8faac12a1d1633d82d2a618d2_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
6b1527e8faac12a1d1633d82d2a618d2_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
6b1527e8faac12a1d1633d82d2a618d2_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
6b1527e8faac12a1d1633d82d2a618d2_JaffaCakes118
-
Size
263KB
-
MD5
6b1527e8faac12a1d1633d82d2a618d2
-
SHA1
68c36b4ed4f9afb168d3fc69e840b14e44853826
-
SHA256
d3dfa26905108cb7239d74c17ad7b326cd9c603febb512deca55435bea7dc88d
-
SHA512
b9e8ff0ddcb5bed5b1ef8c376205c7264e89612ccb6884f34b7d3d7bf1962e0f9f7c1164fa4d0d7d5fab1af078a99a6b1dca543ac792b869ec7565863d3a9e35
-
SSDEEP
6144:XPNvivXSCeVvnD2IJOsBFaw4IzEsS/ZXBc2Y4MT5fN7:Ni6tQIwsBFa/IvcR9U7
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Hide Artifacts
1Suppress Application Icon
1Virtualization/Sandbox Evasion
1System Checks
1