General
-
Target
990151a54b7c092a62d9878755300e22_JaffaCakes118
-
Size
25.1MB
-
Sample
240605-xwrssafa9z
-
MD5
990151a54b7c092a62d9878755300e22
-
SHA1
3a5b1a23dd8ad556242073ff21e55287af2b27c5
-
SHA256
954d32c058053dd95bd7da6f16438bcee7a7daa257adeed6fcef0dbc961fc298
-
SHA512
9bf2297910971597faf5900e6371e96bf4885df43a9cf3f986e135271aa4f5ec2fe5f1bc92ef3f4d927dc033db7070f1fcb3d733892b60e62acb069ac089d7f6
-
SSDEEP
393216:D1slu3JlxnhOkwxYE5qU8GXRbs8Re4ebtAYuzR12QCwHlFY+rpd1T8XLgwDnUhlK:ZslOhB8X5jVhbMK1SvwHHddTOWvCL
Static task
static1
Behavioral task
behavioral1
Sample
990151a54b7c092a62d9878755300e22_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
ad_patch.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral3
Sample
ad_patch.apk
Resource
android-x64-20240603-en
Behavioral task
behavioral4
Sample
ad_patch.apk
Resource
android-x64-arm64-20240603-en
Behavioral task
behavioral5
Sample
box.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral6
Sample
box.apk
Resource
android-x64-20240603-en
Malware Config
Targets
-
-
Target
990151a54b7c092a62d9878755300e22_JaffaCakes118
Score 1/10
-
-
Target
ad_patch.jar
-
Size
620KB
-
MD5
2f4642c5020386f6633a3a7f7d7391a0
-
SHA1
ff96dd7cb192d0e592f51cb7fa91efbdfa04e2a7
-
SHA256
de35da24985817ef097731d8df8eaa800efbd10287ab27f318451409dc9985f1
-
SHA512
a82754b0e6c70f8b713e51ae87dda3c2511cc7d9aba328d9942e60dbd714b2e93093b491b80e6b69295d764ee3cebffa6fc4bc3f43fb3f70ca6ef78017326a3e
-
SSDEEP
12288:IRdF21PvWTkn7MK9EG1jE0XbKum8LjACnDu:IHI9wkb7jEEbKum8PAyK
Score 1/10
-
-
Target
box.apk
-
Size
7.9MB
-
MD5
3b2552f1500c0350f5794498f0ae5f66
-
SHA1
4ed58bb07c2daa319f4efd9de5197424aa61a087
-
SHA256
ed7003c639937e219d7bd4b280f6bd169eaeef37ad0d5aca54fe54ac43091329
-
SHA512
05e562e99df0dd8773114089f72bd2d086046ec8600e957470b74f26dee0b0ededff276079168a0af5c72d1ad4264598eb6b974fdf1f2be0c1f8af0f13b810b1
-
SSDEEP
196608:Hq+oqfwgLSdjDNu3dxVKHO5gCa8Dg5jh9:foNWSdjpeTGCa8An
Score 8/10
-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-