f5ccb567b2804f016c6b16e71e0c470b289f76114a6a83a39b5ab33f1879b79e | Triage

Submit
Reports

Overview

overview

7

Static

static

6

a803114956...18.apk

android-9-x86

7

res.apk

android-9-x86

res.apk

android-10-x64

res.apk

android-11-x64

Sharing

General

Target

a8031149562d141b180746ee0c0ac835_JaffaCakes118
Size

6.0MB
Sample

240614-e4av5aygkl
MD5

a8031149562d141b180746ee0c0ac835
SHA1

0c3fd8f0a4e3c48a600ee2d14e48244afa37e9b6
SHA256

f5ccb567b2804f016c6b16e71e0c470b289f76114a6a83a39b5ab33f1879b79e
SHA512

450931418270e3ff4d9ee49dab0881d2141ccf41e5a5da37032e5d250ba7b989b69511c0f099813bb70a7ebfd90c225a70fb0c7f64505b11cd160e7cb6cd4e98
SSDEEP

196608:kVmL9Wcg2ryhhuRXFpYAvpn6bo30/+Wy2y3R1dVMZGylslU0:kVmL9Wcg7h41pXH3m+Wih1fMZGylslU0

Score

7^/10

android collection discovery evasion persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a8031149562d141b180746ee0c0ac835_JaffaCakes118.apk

Resource

android-x86-arm-20240611.1-en

collection discovery evasion persistence

android-9-x86

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

res.apk

Resource

android-x86-arm-20240611.1-en

android-9-x86

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

res.apk

Resource

android-x64-20240611.1-en

android-10-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

res.apk

Resource

android-x64-arm64-20240611.1-en

android-11-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  a8031149562d141b180746ee0c0ac835_JaffaCakes118
- Size
  
  6.0MB
- MD5
  
  a8031149562d141b180746ee0c0ac835
- SHA1
  
  0c3fd8f0a4e3c48a600ee2d14e48244afa37e9b6
- SHA256
  
  f5ccb567b2804f016c6b16e71e0c470b289f76114a6a83a39b5ab33f1879b79e
- SHA512
  
  450931418270e3ff4d9ee49dab0881d2141ccf41e5a5da37032e5d250ba7b989b69511c0f099813bb70a7ebfd90c225a70fb0c7f64505b11cd160e7cb6cd4e98
- SSDEEP
  
  196608:kVmL9Wcg2ryhhuRXFpYAvpn6bo30/+Wy2y3R1dVMZGylslU0:kVmL9Wcg7h41pXH3m+Wih1fMZGylslU0
Score

7^/10

collection discovery evasion persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Reads the content of SMS inbox messages.
  collection
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1
- Target
  
  res.bin
- Size
  
  129KB
- MD5
  
  010166dfc3a5f1b202133361935bf26b
- SHA1
  
  9a67807ee55adde22fc4064f2a476af4bafcd482
- SHA256
  
  ea62acea0e015b54b1a0c2b997417059af3d053d44baf61861571a28246fa7cc
- SHA512
  
  b5525dedf1c384dd144bd71e9b8c131e39f62471ef77ae3c6d651a84aecae666699cfb49bf0d7afb4408d98fea1c9358e26fbbb2faac657bc0cff5ca5dc5b67e
- SSDEEP
  
  3072:AxfQrGKuVqeI81ZfIH6tEx2t/7SKYUqcgvApEjtd9eKs8:oQr8qWLm6yx4/7S+Xg4pENer8
Score

1^/10
behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

collectiondiscoveryevasionpersistence

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy