General
-
Target
70a081850df3843c8bba0c7a4822d9a6_JaffaCakes118
-
Size
434KB
-
Sample
240525-dbnqvacb84
-
MD5
70a081850df3843c8bba0c7a4822d9a6
-
SHA1
1fd5e2a5f322f663ae8cf07e2c1f31ff1ea08adb
-
SHA256
72f4581d233e45c636b377a572e936bdad236b25e62198864045a219c714031c
-
SHA512
6c70479d0c2496637259f4da6c96e39d3b93b27a9eafcfe0ff1e4c2e8c29966324cb40cef5dc65fc1af131acc3773834ee4943f9f2c8c4bcb83ee6ce81d48224
-
SSDEEP
12288:XOa7eDLhzStvEmnovq/OF8x+Zt57yOOyEoQfjN+:ELhIvrnGmx+ZDSfU
Static task
static1
Behavioral task
behavioral1
Sample
70a081850df3843c8bba0c7a4822d9a6_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
70a081850df3843c8bba0c7a4822d9a6_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
70a081850df3843c8bba0c7a4822d9a6_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
70a081850df3843c8bba0c7a4822d9a6_JaffaCakes118
-
XLoader payload
-
Checks if the Android device is rooted.
-
Requests changing the default SMS application.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about the phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-