General
-
Target
91d2a2d4849a118932c9fa76371f0a55_JaffaCakes118
-
Size
17.3MB
-
Sample
240603-pw8gjagb39
-
MD5
91d2a2d4849a118932c9fa76371f0a55
-
SHA1
b5b35b2d8ff742342494a671b96c67029b363cad
-
SHA256
ae7b906cb83eb594b1b32b4876d942caafc87ee3a67594c2496fba3650a04f53
-
SHA512
72a7f7c7726bce981c0bda0385ff1ac4b0db20e9cef043612f2a6e808230d9840a74f632f98aa9ddca38cac0796152aa697ba292a792e8115a582ccef48b34bf
-
SSDEEP
393216:8USQx/llGbJ2uTXk4kkETD8FFtNDGyUa2Y:8bEu5XpLE2tNK/1Y
Static task
static1
Behavioral task
behavioral1
Sample
91d2a2d4849a118932c9fa76371f0a55_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
91d2a2d4849a118932c9fa76371f0a55_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
91d2a2d4849a118932c9fa76371f0a55_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral4
Sample
cha.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral5
Sample
cha.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral6
Sample
cha.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral7
Sample
com.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral8
Sample
com.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral9
Sample
com.apk
Resource
android-x64-arm64-20240514-en
Malware Config
Targets
-
-
Target
91d2a2d4849a118932c9fa76371f0a55_JaffaCakes118
-
Size
17.3MB
-
MD5
91d2a2d4849a118932c9fa76371f0a55
-
SHA1
b5b35b2d8ff742342494a671b96c67029b363cad
-
SHA256
ae7b906cb83eb594b1b32b4876d942caafc87ee3a67594c2496fba3650a04f53
-
SHA512
72a7f7c7726bce981c0bda0385ff1ac4b0db20e9cef043612f2a6e808230d9840a74f632f98aa9ddca38cac0796152aa697ba292a792e8115a582ccef48b34bf
-
SSDEEP
393216:8USQx/llGbJ2uTXk4kkETD8FFtNDGyUa2Y:8bEu5XpLE2tNK/1Y
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
cha.so
-
Size
76KB
-
MD5
d48d1590f246947f64581b37bd6b2b92
-
SHA1
1e6ce734ff1b1ffe27e8e8a8894a621eb4c7487e
-
SHA256
a9d29004ce7b52c1c27dd431cfbcb45c36ed5a9cc7287bb3247160c9114a8286
-
SHA512
fe170c67b1ca7555cd66c39bfab222f842777364a762241d43f1970ca0323784568c1bb7da3d15a888cfbeab0c538b856a8c0f52ccc9520605b5176495266ef7
-
SSDEEP
1536:pLUD/U74EXKlo5Mlbqok+0rDHZIbNzKJ5W0wcd1F:pL6/U0IKlYMsok+0PHZIhmXW0jd1F
Score7/10-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Checks if the internet connection is available
-
Reads information about phone network operator.
-
-
-
Target
com.so
-
Size
60KB
-
MD5
62d8205952d64fc042b3654983e1d747
-
SHA1
e195f0888d125db05a2e3d0393ebed8ce396e4a8
-
SHA256
43b79a4340d061dac86c5869f194d0ee3ce845c32d666ec22a6caf17ab1c32a5
-
SHA512
a55eb56d7e3bd47253eda42515beb09f3ae26a61472a6ac12248750a7fac1cc13934842de5a680b9d39d10cf349e383245662c42de69c87b44680f187c0f63ed
-
SSDEEP
1536:fJZJgpCDW/WvLJRZyL7JEVRrXJUrbPlc6W5OY:hzDzLNyJEerzypcY
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
2System Checks
2