General
-
Target
9533805cb9a0915a4c02a2557bd98427_JaffaCakes118
-
Size
10.4MB
-
Sample
240604-rxg23sah44
-
MD5
9533805cb9a0915a4c02a2557bd98427
-
SHA1
4537b724344be20e2b3535714c30abc0cb564e26
-
SHA256
465ffd105008e95e9e9fc445bf0c91b277d1b0f52be8d595c7515e81b6d9cb69
-
SHA512
df7e38a8391d5e5ad565d5ff5d172966a4bef931609a8a7ba09c245f151efcdd7d0584fed53d9b7b9fa1075a2e9ccc754d2a7f25d975efdfe530b09c379cb68e
-
SSDEEP
196608:whVl2m2CvGlCzAR0HVLylASZhLALddvJk3cs1PQI6JdYyM:wERkmCqCVWAzxJJWfQI6JdC
Static task
static1
Behavioral task
behavioral1
Sample
9533805cb9a0915a4c02a2557bd98427_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
9533805cb9a0915a4c02a2557bd98427_JaffaCakes118.apk
Resource
android-x64-arm64-20240603-en
Malware Config
Targets
-
-
Target
9533805cb9a0915a4c02a2557bd98427_JaffaCakes118
-
Size
10.4MB
-
MD5
9533805cb9a0915a4c02a2557bd98427
-
SHA1
4537b724344be20e2b3535714c30abc0cb564e26
-
SHA256
465ffd105008e95e9e9fc445bf0c91b277d1b0f52be8d595c7515e81b6d9cb69
-
SHA512
df7e38a8391d5e5ad565d5ff5d172966a4bef931609a8a7ba09c245f151efcdd7d0584fed53d9b7b9fa1075a2e9ccc754d2a7f25d975efdfe530b09c379cb68e
-
SSDEEP
196608:whVl2m2CvGlCzAR0HVLylASZhLALddvJk3cs1PQI6JdYyM:wERkmCqCVWAzxJJWfQI6JdC
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
3System Checks
3