General
-
Target
91451cea3589211c691c39dfa8ee9296_JaffaCakes118
-
Size
4.8MB
-
Sample
240603-lcq7csaa4y
-
MD5
91451cea3589211c691c39dfa8ee9296
-
SHA1
aaef9b896bd8ce1afbeca706a748affc635cb76f
-
SHA256
f64e3527dd7a9fe72687fdb7b191ac55e21404a10a7823adf88558756f6261c8
-
SHA512
b52fed22943bdfe38cd9cfd0d7aa9cd74fedb2232f3f8ae9f5bc7d31b15c39e4baa44044e43e5a2f9b77dbb3fd560f4e6164e9862582f98ed99b32621e515631
-
SSDEEP
98304:V9azSX1djQ2vZdvZirT2JNqGqe8ewMbBpiX4IOJLQ0V6:V7f7xVW2JUG9KMqX4IOL6
Static task
static1
Behavioral task
behavioral1
Sample
91451cea3589211c691c39dfa8ee9296_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
91451cea3589211c691c39dfa8ee9296_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
91451cea3589211c691c39dfa8ee9296_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
launcher3.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral5
Sample
launcher3.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
91451cea3589211c691c39dfa8ee9296_JaffaCakes118
-
Score
1/10
-
-
Target
launcher3.apk
-
Size
4.0MB
-
MD5
9e164feeb01f6420fec87e069e42326a
-
SHA1
ccddcfc2ff287855bee059c0a591f4ce6bb6a4b0
-
SHA256
89989a05630ecc7bd7be28ed77f9cbfd1c74a5612aa7c4470bf1e977132afb80
-
SHA512
6bf5021114a47fc59e89dfcb19b5c07a2e195c90962a2d8a30891d7369251cc25dedfb13b0dbe1b480e6f649620fdad91cb956357330ada59d1e771adcc1015c
-
SSDEEP
98304:e9azSX1djQ2vZdvZirT2JNqGqe8ewMbBpiX4IOJLk:e7f7xVW2JUG9KMqX4IOG
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads the content of SMS inbox messages.
-
Reads the content of the SMS messages.
-
Reads the content of the call log.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Changes the wallpaper (common with ransomware activity)
-