General
-
Target
8fd583bf07d99790c44d01adb0e7ca19_JaffaCakes118
-
Size
8.9MB
-
Sample
240602-3nca1sbd3t
-
MD5
8fd583bf07d99790c44d01adb0e7ca19
-
SHA1
36e06cdeaac025c1fdf3eb39a2aaf3842ef734eb
-
SHA256
76b1fe4d88cddbd83ac9f28b6f5fa50475bc7f42bee869864e9dba3064dda1f2
-
SHA512
9bd00924d0a2a15cb61960f21ea145f196ce5ed0ef625ae698a228ac226a6b67da98c346aa66ff99b9e557be9a35384385074883ad0d7c4b80ed962d12b690d1
-
SSDEEP
196608:KJyHy8dHPZ7CXqZNr+6vA3CGiAXgTHeaIl0H3/hXiJhTo0sMrQAyK8lgxu+U8m9h:DHthPZ7Gc+A9THaO3xibTofMrQlv6hUZ
Static task
static1
Behavioral task
behavioral1
Sample
8fd583bf07d99790c44d01adb0e7ca19_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
8fd583bf07d99790c44d01adb0e7ca19_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
8fd583bf07d99790c44d01adb0e7ca19_JaffaCakes118
-
Size
8.9MB
-
MD5
8fd583bf07d99790c44d01adb0e7ca19
-
SHA1
36e06cdeaac025c1fdf3eb39a2aaf3842ef734eb
-
SHA256
76b1fe4d88cddbd83ac9f28b6f5fa50475bc7f42bee869864e9dba3064dda1f2
-
SHA512
9bd00924d0a2a15cb61960f21ea145f196ce5ed0ef625ae698a228ac226a6b67da98c346aa66ff99b9e557be9a35384385074883ad0d7c4b80ed962d12b690d1
-
SSDEEP
196608:KJyHy8dHPZ7CXqZNr+6vA3CGiAXgTHeaIl0H3/hXiJhTo0sMrQAyK8lgxu+U8m9h:DHthPZ7Gc+A9THaO3xibTofMrQlv6hUZ
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-