General
-
Target
893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118
-
Size
25.0MB
-
Sample
240601-dqlvssge66
-
MD5
893712bf04e24bc52a549fe98a2eeb38
-
SHA1
cdf2b46835688b6fc8669a33eea196f6e6bf49be
-
SHA256
fb2577dc8ae8aa74b97c834fe83e1a955a946624573e243f37fe357879012228
-
SHA512
aaab889b9e81f17c01990d63aeb8b26f8d47058d799de7fa7c073e47f84155865ee1c30cd32e11869aa3f5cafe12adc52e60150f83c423119efcaed32582fede
-
SSDEEP
786432:BM91gL1307gaZCLO+8WpttmDksXuxEORzniMtg+xssV5Ls1/w5NQ1:AiL1kBWO+NtkZuaORzzthx5eWNk
Static task: static1
Behavioral task: behavioral1
Sample: 893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118.apk
Resource: android-33-x64-arm64-20240514-en
Behavioral task: behavioral3
Sample: Letv_Ads.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral4
Sample: Letv_Ads.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral5
Sample: Letv_Ads.apk
Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral6
Sample: cmf.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral7
Sample: cmf.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral8
Sample: cmf.apk
Resource: android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
893712bf04e24bc52a549fe98a2eeb38_JaffaCakes118
Score 8/10
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
Checks the presence of a debugger
-
-
-
Target
Letv_Ads.apk
-
Size
144KB
-
MD5
088e32ab9afe0b0952927d20903cb6a5
-
SHA1
dc1ff5b9e4782ea39867a5c5e43769c4291596ce
-
SHA256
412f73e1dd3a506f475ecba46aaae75ebb174a4427b297c0f768bf6e569b9b39
-
SHA512
1754c9984bd263579d41b10911f68aff45704cc4073f90717836cff12a0473dd55963be1cef5cc0760b93b1e825cf7189ff272c9a303f877c12277fe3e19db47
-
SSDEEP
3072:u2RrirO5YbqEBATAZW9zyMTdj7TBM/7j7ZW0:u2RrGO5YbqEBGAuyMTdj7l2Tl
Score 1/10
-
-
Target
cmf.plugin
-
Size
13.4MB
-
MD5
2f702847746786a83f3cf64a768a6ee1
-
SHA1
208b559ef59a8db9ac345ffd68db85f7d796e449
-
SHA256
189566003e746cdbd67f051731bf1e034aeb8a66b389abc405cf654bb14109bf
-
SHA512
3623d5d48000e62ec7f23155cecdfdeb2d31998dfcb6e26c4c414702db42092ff4340dc6ddeb8aeb2156d62dbb9c9f79d02020f8cb8d075e923d9d15c626106e
-
SSDEEP
393216:LcsOnUya1U5hy/1NnKGHHgcnKVOhCYK33P8frjjOsDJV2K+xsBx3b7RO:XOUjU5hytKGHAcwOhCb33PynOsDXzZO
Score 1/10