General
-
Target
8a50ddfbb89470448881db418fa1d3c1_JaffaCakes118
-
Size
1.2MB
-
Sample
240601-nfvp3abh33
-
MD5
8a50ddfbb89470448881db418fa1d3c1
-
SHA1
bc60a843df7984b95292fffd35810987fabab39f
-
SHA256
a76e026503fb19fd79a177fbde58f1124775847371d36a7cc9cea71ea3b5fc36
-
SHA512
3f9191e6f36c20fc35911cd293b78b65a89d89bbe9eb667c6041322c533d25b608fae2fab621db9165d83ce1587b6d1ed48008d116fe297c75490f976050d708
-
SSDEEP
24576:iQLWla/a1iOLKaFnxrvpf77CFgpRzMP7vne9DHihhxOrmpNO2SmX5id:/LWla/a06KEnBvpf7NpRIjfyC/OrmpNI
Static task
static1
Behavioral task
behavioral1
Sample
8a50ddfbb89470448881db418fa1d3c1_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
8a50ddfbb89470448881db418fa1d3c1_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
8a50ddfbb89470448881db418fa1d3c1_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
__pasys_remote_banner.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral5
Sample
__pasys_remote_banner.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral6
Sample
__pasys_remote_banner.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
8a50ddfbb89470448881db418fa1d3c1_JaffaCakes118
-
Size
1.2MB
-
MD5
8a50ddfbb89470448881db418fa1d3c1
-
SHA1
bc60a843df7984b95292fffd35810987fabab39f
-
SHA256
a76e026503fb19fd79a177fbde58f1124775847371d36a7cc9cea71ea3b5fc36
-
SHA512
3f9191e6f36c20fc35911cd293b78b65a89d89bbe9eb667c6041322c533d25b608fae2fab621db9165d83ce1587b6d1ed48008d116fe297c75490f976050d708
-
SSDEEP
24576:iQLWla/a1iOLKaFnxrvpf77CFgpRzMP7vne9DHihhxOrmpNO2SmX5id:/LWla/a06KEnBvpf7NpRIjfyC/OrmpNI
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
__pasys_remote_banner.jar
-
Size
114KB
-
MD5
2ad9fb4b2d9b333883b7e38f61c2fd2f
-
SHA1
5b85041452d173ed0d81d25b9ca78608a998e328
-
SHA256
b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5
-
SHA512
6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90
-
SSDEEP
3072:9cU7bD2h2Z5ecVpoj8eVJBl52Dx9yW0jv2gspIn:m8n28Z5eAs8S73InyWmug9
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2