General
Target: 929b6a4a5544cda2148fd8a8e10f3082_JaffaCakes118
Size: 9.8MB
Sample: 240603-v19s2sdf31
MD5: 929b6a4a5544cda2148fd8a8e10f3082
SHA1: d005d79f6178c2350f6b6caaa2c07c98dec7f2d1
SHA256: bb93a0924261a65cbf16d02f6bee33df6d8413a0722ae91cbf4347ad0c1a70f4
SHA512: f814258769750a4ddeedd5c19a4e77b3131e88ae33f036384d3575db5ecfffd9dfb016c0658f1011e0b680d537808e23c6eacefb5fa2121245da39f5f3e090e2
SSDEEP: 196608:MYQbxhMlGAIDzpvUdUcp7nblQbWWOIFi/PmlqPyjuQpoBna4jaWT/Ge:MfhX9vUdUwnxQi5IpIPYoo42WT/Ge
Static task: static1
Behavioral task: behavioral1
Sample: 929b6a4a5544cda2148fd8a8e10f3082_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
Sample: 929b6a4a5544cda2148fd8a8e10f3082_JaffaCakes118.apk
Resource: android-x64-20240603-en
Behavioral task: behavioral3
Sample: alipay-msp-3.5.4-pro-1000089-baihe-201306191624.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral4
Sample: mtll.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral5
Sample: mtll.apk
Resource: android-x64-20240603-en
Malware Config
Targets
Target: 929b6a4a5544cda2148fd8a8e10f3082_JaffaCakes118
Checks if the Android device is rooted.
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Checks if the internet connection is available
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Reads information about phone network operator.
Target: alipay-msp-3.5.4-pro-1000089-baihe-201306191624.apk
Size: 353KB
MD5: b609f3311efd7fdad2d91bf031371bb9
SHA1: 452957785ed9cc60c5eb53c1221f12b0f3cb378d
SHA256: a29d3f4204593e407d449a1b24ac5a2bac1ed5c6f629aee08fca9edbe82d8a0e
SHA512: 860b33b2dde1e86002c5474d2a522181f3b5cceb64b6adbeccad26790b3181bf80018e92f1437baaea67ff1f73d97b0c01359737fcca5f8fb7a06a625cd58b22
SSDEEP: 6144:6kRbu+WYzK1ci+WdWN42xJNuTS3Ju3d273Rp5tPVKt9m8rpvCpCFJIm:6kpWYz0ci+OWxx7ro0htduNrpvCArD
Score: 8/10
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Checks if the internet connection is available
Target: mtll.apk
Size: 998KB
MD5: c5b9eb69bec41ec105e17cb1d8325a16
SHA1: dbdc26167db479519f21b3ec7d3ec8ea719fc2bc
SHA256: 659c7359f8527eacd4efcc57afaf97368ead255ef1beab4f861f740bdd655a98
SHA512: 744c245ddf94c3a92243ac801948cb75b5962604c28b3cf726af57cbe24f9af786fdc8bdeca3ad2995f231c08321e0ee15fde3bee4d71b6e9b365299ff9f9b42
SSDEEP: 24576:6635eywLnowen6nBM6/XebjrjqLKONRQyfes:66wTnRe6naYe/3qL5tfes
Score: 8/10
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Registers a broadcast receiver at runtime (usually for listening for system events)
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 2
System Checks: 2