General
-
Target
988f6442a1bedbf47d4520f5eb110415_JaffaCakes118
-
Size
16.2MB
-
Sample
240605-tfxsbabd5x
-
MD5
988f6442a1bedbf47d4520f5eb110415
-
SHA1
1e5f3af87836890bd3975c5d26553a6856092055
-
SHA256
c7734c5b20909c6586a5c2f9bf777cd49c579a07fc529f2d6a2c62d62e844a1c
-
SHA512
a0db5c3ffb5384e0fd583580cc41651fc305f6b939a7252aa0a9fab004bcafcefedeac1b3868115044d9efeb8d7550cb92e6d1bd0bbdf5f285df45bf16153b32
-
SSDEEP
393216:Jh6RvJs1/2qH2NkzBr/elB3FuiX4hhHRiWKWGS/VJOb7z5Uy9G:j6RvJqMkzBrwFj2HR5JxJOb7FUKG
Static task
static1
Behavioral task
behavioral1
Sample
988f6442a1bedbf47d4520f5eb110415_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
Malware Config
Targets
-
-
Target
988f6442a1bedbf47d4520f5eb110415_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution: 1
Broadcast Receivers: 1
Scheduled Task/Job: 1
Defense Evasion
Execution Guardrails: 1
Geofencing: 1
Virtualization/Sandbox Evasion: 3
System Checks: 3