General
-
Target
8b0354a1b5a011f8dfe3f2236710f30b_JaffaCakes118
-
Size
4.6MB
-
Sample
240601-tp7zmsgc9z
-
MD5
8b0354a1b5a011f8dfe3f2236710f30b
-
SHA1
c8625eca23c31be2fb312b7fdf97e6c510d5dc90
-
SHA256
c86ae6457bc92170c3ae7ba6fef64d4002cfa1281419677833023e070f282120
-
SHA512
7f557ba8870019f4ccef9ef118514ddb884eccc3e7e76c6d9585b150be6f44b08b079cd2c0835d59a9de20771f5e2c90559748d2d7f2df17e6401ff0cf38d1e1
-
SSDEEP
98304:erO2kHUUhgu5LRBrN0wBAsORq0PnEG21W5VnSk3Q3H2cdq/jf+jO:er4Hg29ddmhvZ2mlS/WXf+K
Static task: static1
Behavioral tasks:
behavioral1: sample 8b0354a1b5a011f8dfe3f2236710f30b_JaffaCakes118.apk, resource android-x86-arm-20240514-en
behavioral2: sample 1.apk, resource android-x86-arm-20240514-en
behavioral3: sample 1.apk, resource android-x64-20240514-en
behavioral4: sample 1.apk, resource android-x64-arm64-20240514-en
behavioral5: sample bdxadsdk.apk, resource android-x86-arm-20240514-en
behavioral6: sample bdxadsdk.apk, resource android-x64-20240514-en
behavioral7: sample bdxadsdk.apk, resource android-x64-arm64-20240514-en
behavioral8: sample 2.apk, resource android-x86-arm-20240514-en
behavioral9: sample andashi_service.apk, resource android-x86-arm-20240514-en
behavioral10: sample andashi_service.apk, resource android-x64-20240514-en
behavioral11: sample andashi_service.apk, resource android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
8b0354a1b5a011f8dfe3f2236710f30b_JaffaCakes118
Score: 7/10
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
-
-
Target
1.apk
-
Size
448KB
-
MD5
11cf5196ce1eea19b87cb85e7180bfb6
-
SHA1
85844ed8977263c5fa8c1e9e49be993037c73b27
-
SHA256
12d861b4b4ccfafd1d8c5d0c39a5119922bf5d14ece78cb2b980568bf81e8e3d
-
SHA512
b168c7c1dfff8a36e76e6f0a1ee319dd6da8017e033b66890d319ef2ef6d66e5db1ba6daf79effb94a5a9b3572abd10edc52793f38cd8e36966e2500f4383551
-
SSDEEP
12288:rxyKITftT2WVWWhKi8KGwZLyXyPEO9nhW:rJkVamH8KzLyXGEsnhW
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
-
-
Target
bdxadsdk.jar
-
Size
153KB
-
MD5
7c380e2150d866fe0721919db9432577
-
SHA1
82b5692ce6f7055ed20c4bf4c7667e8f79314f3e
-
SHA256
f30b86fc90e6e7f5d5035c11b81b92bb1bf26e793a1854f61f50a38ac9f653b9
-
SHA512
55e6a121295bc3038288015c0da2483d02ae5d7e6d40e2216ee269ea20ff405587e0b257171d27c80ccbf3ee136e8ef81ee2e926645e4b940080c44fd4f8a45c
-
SSDEEP
3072:cI54TLe8O9e3xxilnIbiUq0zCGpkkAJ1wOUOs8mI5zBvJmSn9fzF9kQ/:r5P8QWilnaikf3IwOUbRaVF93
Score: 1/10
-
-
Target
2.apk
-
Size
638KB
-
MD5
7bec4da4ec9e8593e7e2f4ed3d538685
-
SHA1
8d8c2be5dd63cfad21ac39e26d301511b98e65ca
-
SHA256
5c2593a7f1647e975e1fb318fdc8e36959248d461abe877e96e0601b9c683609
-
SHA512
7e77d18c636c5d347a5078d79e89d58fefaa59d7a3f96f25d9cc25c7a1bca53e263643b5d87a649818ad8ff4d8c853156f2f13b3a93be1c3b280fb35babc7289
-
SSDEEP
12288:7k+G4249VL+J6/xK+b0hbZnGNhSdHO8RJLhQXSPy+2mGmkek5grr6to9:4Y2YD4o0hbtuKLh+ms5gr3
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-
-
-
Target
andashi_service.jar
-
Size
289KB
-
MD5
535475efa0071a51225593f51ead0ffe
-
SHA1
0d35002ddbc8afa5bc90d7ec0ed34cb54ce73dd0
-
SHA256
78d1312674c2b45f2524d87e82b4f9b674d8bb9e1d6e090521a174d1546aaa00
-
SHA512
9034bb6121e1e9cfb1f7594e900f89bb7f1932e1211fe0e955a8c4bd9b3787fc0eeba2a0e32bbdab69f49556c7bd809839574fd6754de136cd5b0558c023efd8
-
SSDEEP
6144:4zXgoFg+/+422gA/VVC2LOoUJ6/lveT+bkzsJCH/nsCb:4k+G4249VL+J6/xK+b0hl
Score: 1/10
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2