General
Target: 91146397123037428cffc9bc080840d6_JaffaCakes118
Size: 28.5MB
Sample: 240603-j5fj8agh3s
MD5: 91146397123037428cffc9bc080840d6
SHA1: 559e4113fbd1d567304d4dedb7a6a8feaf01ac9f
SHA256: 9ecaf993b4ec33581bffe68d6ba631e4bda09057138d581a492a27dcaf96bcab
SHA512: d1d584754996c05008eac6db0873ca9579ca86c9c25b877937e44b66d6f71135d4031bd038855ac5c6f54f6b47078b25cc716033428b7381b772ff82085bd614
SSDEEP: 786432:YNykN1CSlLJdHQNytIseR7nS6PzOv+MW7YPYP44e+o:fkjRLJdwNKIse15S2MgYPYhk
Static task: static1
Behavioral task: behavioral1
Sample: 91146397123037428cffc9bc080840d6_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 91146397123037428cffc9bc080840d6_JaffaCakes118.apk
Resource: android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
91146397123037428cffc9bc080840d6_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the phone number (MSISDN for GSM devices)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Reads information about phone network operator.
-