General
-
Target
89a179ff243912a137eb99a8395a2c7f_JaffaCakes118
-
Size
24.8MB
-
Sample
240601-hdrmqsdf48
-
MD5
89a179ff243912a137eb99a8395a2c7f
-
SHA1
4e0c805fb821050811ddf80998c112454f7c59b8
-
SHA256
bb00af6432802dc6ecb201c503e620423c1f916a3e7b4bd8d9ce5e80ac2984ae
-
SHA512
a0d48da321cdbef8e3482dac4fe74a22ad0309c97af22b826505ab32afa55ccf391cb9cb2954d50f6e711faecd6d1fb3acc5931939c98978b56d22b70985462c
-
SSDEEP
393216:9hKmqaLkYIyIjNe49eLBRWEE/+k+2bXum7Pw0FVgRGcQzisKIqeUegaxhuOQavfK:POaYPjnEE/+idFV+GBziLHeJqH4ydgW
Behavioral task
behavioral1
Sample
89a179ff243912a137eb99a8395a2c7f_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
89a179ff243912a137eb99a8395a2c7f_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
amap_resource1_0_0.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
amap_resource1_0_0.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
amap_resource1_0_0.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
Target
89a179ff243912a137eb99a8395a2c7f_JaffaCakes118
Score 8/10
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks Qemu related system properties.
Checks for Android system properties related to Qemu for Emulator detection.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Target
amap_resource1_0_0.png
-
Size
22KB
-
MD5
ac05cb594daed922c0e594e6e95823bd
-
SHA1
7cc513a2fd4b1aafbed793a1cbd8f8b7a96d40b1
-
SHA256
f2e5deeba939befff1c9bc3fe0754f429ebb31c768186f72cc76485aa527c7b8
-
SHA512
0ee2cb626abdaa20ba9abc16ea9affaae2f3075433e5f4198f37b1d59dcb2961ec705432974f3cf6fa8a1bdc895b0dc31aec47da0edeea7c69ab57a883b263a5
-
SSDEEP
384:mvWgvox88EhV6p1gjIJj38D8I3FBJwPg2:CWgvz5hV6p1jI3Fq
Score 1/10