General
-
Target
9ff8754a19ca56332f7fbfa281cad68b_JaffaCakes118
-
Size
9.3MB
-
Sample
240612-jzd47svgqj
-
MD5
9ff8754a19ca56332f7fbfa281cad68b
-
SHA1
59f8d8e7ad9e533508db796439416593ad313d0e
-
SHA256
c3560aff0e8f27b66eaa9044c25e2e27df3c851559521623eee916c40bdb72fe
-
SHA512
51facd4a7d94b7859520e26ff416372d367f30c9611b8500b4d84e8028f71b5b67b5f0dff1cf6dcb371e161f68b9041990427e6e30774e9345c7102c56027b47
-
SSDEEP
196608:Ap1cW+7oARKnzTq/EEXn+xTgRpit3dbKBH3aI1tKKrwoPrc8f:21QUqKnzTBOn2gO9EtKI1YKrwoP48f
Static task
static1
Behavioral task
behavioral1
Sample
9ff8754a19ca56332f7fbfa281cad68b_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral3
Sample
bdxadsdk.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral4
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral5
Sample
gdtadv2.apk
Resource
android-x86-arm-20240611.1-en
Malware Config
Targets
-
-
Target
9ff8754a19ca56332f7fbfa281cad68b_JaffaCakes118
-
Size
9.3MB
-
MD5
9ff8754a19ca56332f7fbfa281cad68b
-
SHA1
59f8d8e7ad9e533508db796439416593ad313d0e
-
SHA256
c3560aff0e8f27b66eaa9044c25e2e27df3c851559521623eee916c40bdb72fe
-
SHA512
51facd4a7d94b7859520e26ff416372d367f30c9611b8500b4d84e8028f71b5b67b5f0dff1cf6dcb371e161f68b9041990427e6e30774e9345c7102c56027b47
-
SSDEEP
196608:Ap1cW+7oARKnzTq/EEXn+xTgRpit3dbKBH3aI1tKKrwoPrc8f:21QUqKnzTBOn2gO9EtKI1YKrwoP48f
Score8/10-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks Qemu related system properties.
Checks for Android system properties related to Qemu for Emulator detection.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
bdxadsdk.jar
-
Size
195KB
-
MD5
c3b999326b7187bdd85fd971f93376d6
-
SHA1
978fa76710506b2aa2dc1502e2697355cc64e34e
-
SHA256
555e565b45d2b030652d914830ad427d15182797886316024a2f04df6ac81d5e
-
SHA512
240981a457a3df5ce7f51ae1e0b323efc37b349a261e21d52ef8e9256d758f5c7dd4bcd6411ca2dc247de1beec2ad1a0f7f49d2370971c8c65f95b0d6c14b31e
-
SSDEEP
3072:bFg/OTNG1obNXB45vAEsreszccGiXzU+wtBJPkyzy4H/mqku/DjEWKVQNCDu:u/Ow+x69ftc9XzStBJ8y5mqkYDjv3Gu
Score1/10 -
-
-
Target
gdtadv2.jar
-
Size
420KB
-
MD5
f0ee7f7dd1ef4e5cd436ed6e1c609e5a
-
SHA1
7d112abb7896294b075721b0200f0812ed65a418
-
SHA256
0906bca7332f10d1bdc98b04eb5ad9de2af5da0590b5615aa5f66852b78d9369
-
SHA512
5912538f74fcbe24bba5e3eef2804fd160ccd002bf144e30dd910c9d52d6a3e2dc172a3baa1f6d64ed93346a9b1d4760ae17ec6d1c7c8a4de8cb9264b82bf2be
-
SSDEEP
6144:mQCx8Rp2KiQB/B4Qfdw3Vr/+rwWTLAUq3PwB32k59CruFIBSSAOC8hkIwx:ok/z/BJfdUW8W8ho4k59tSaOCckIS
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
4System Checks
4