General
-
Target
71ff057158c19f92adfff896a9c88419_JaffaCakes118
-
Size
435KB
-
Sample
240525-pzr9qacd82
-
MD5
71ff057158c19f92adfff896a9c88419
-
SHA1
d350e3c52da197bbd12b920e8fdbe54b449da0df
-
SHA256
c8fab076f57a77ae0794e3d77e6813a63ca97b0dc93df6e24379bbc81e143b0f
-
SHA512
83afd31042b2df95054b8acfd9d0fb2071579a766445b35fa5cdc97b05f7068252b961a1a433b6b4289f9f428777a94fdcdfa794b6d0e77d5cc5b9d72d97517e
-
SSDEEP
12288:npmerSEOb/i15zUYLGA1TBnWI/gC2sgM5vrI:ncerGb/8zdisnvbI
Static task
static1
Behavioral task
behavioral1
Sample
71ff057158c19f92adfff896a9c88419_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
71ff057158c19f92adfff896a9c88419_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
71ff057158c19f92adfff896a9c88419_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
71ff057158c19f92adfff896a9c88419_JaffaCakes118
-
Size
435KB
-
MD5
71ff057158c19f92adfff896a9c88419
-
SHA1
d350e3c52da197bbd12b920e8fdbe54b449da0df
-
SHA256
c8fab076f57a77ae0794e3d77e6813a63ca97b0dc93df6e24379bbc81e143b0f
-
SHA512
83afd31042b2df95054b8acfd9d0fb2071579a766445b35fa5cdc97b05f7068252b961a1a433b6b4289f9f428777a94fdcdfa794b6d0e77d5cc5b9d72d97517e
-
SSDEEP
12288:npmerSEOb/i15zUYLGA1TBnWI/gC2sgM5vrI:ncerGb/8zdisnvbI
-
XLoader payload
-
Checks if the Android device is rooted.
-
Requests changing the default SMS application.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
2Suppress Application Icon
1User Evasion
1