General

Target: 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118
Size: 5.9MB
Sample: 240603-k8wlaahh51
MD5: 9140986b805a5582f5e071dfb76f94d9
SHA1: d00cc345916ebbb9299b45f81e7af056b161af7f
SHA256: d2139ab5f76dd6f5881260dc79113cca5c7a591891fa5cf6edf373a426de8f4d
SHA512: 2ee0cabf749a699d33371cbc2be22ccc0713bd6960945a5f5d91a2d2ccb4394eb655cd63cac2088dbb4a6078242c4b28861b39980f2cb06c0e15dff1e668b00c
SSDEEP: 98304:OemGwKfKK+7BNygvtLMsTOf4uXJvUfjetu3vnLC6IsabUn1Arfaur1Y6dsm+2dL4:rbfodNyAmsTOZX14jes3fLjV/gZm621B

Static task: static1

Behavioral task: behavioral1
Sample: 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118.apk
Resource: android-x64-20240514-en

Behavioral task: behavioral3
Sample: 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118.apk
Resource: android-x64-arm64-20240514-en

Malware Config
Targets
Target: 9140986b805a5582f5e071dfb76f94d9_JaffaCakes118
Score: 8/10

Checks if the Android device is rooted.

Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.

Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator.

Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.