586b83196e48c3399e03264447acacb2d39d2cfbae6541df48a9a325e8480fcc | Triage

Submit
Reports

Overview

overview

8

Static

static

6

a82a05489d...18.apk

android-9-x86

8

a82a05489d...18.apk

android-10-x64

8

a82a05489d...18.apk

android-11-x64

8

Sharing

General

Target

a82a05489d6d4a5305ba7b763853c2fa_JaffaCakes118
Size

10.6MB
Sample

240614-f8alla1anm
MD5

a82a05489d6d4a5305ba7b763853c2fa
SHA1

2764d4065c3b34b6b402434f1a8a5f1889db171a
SHA256

586b83196e48c3399e03264447acacb2d39d2cfbae6541df48a9a325e8480fcc
SHA512

ff7a72fecee0b69e53c1b830700c68cb67f57e5afa3125ddc5a18d7c14c0bd5bd705ebf64891be874f8ccf842660ee72f19cecc26ace02e0ab3f3865d134fe28
SSDEEP

196608:pGRzel+BgXI/H5qgH5AM3/X78oa/5uS5MM+rvSTh9m:ARvRZ5t3/Xs/kS+++

Score

8^/10

android discovery evasion impact persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a82a05489d6d4a5305ba7b763853c2fa_JaffaCakes118.apk

Resource

android-x86-arm-20240611.1-en

discovery evasion impact persistence

android-9-x86

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a82a05489d6d4a5305ba7b763853c2fa_JaffaCakes118.apk

Resource

android-x64-20240611.1-en

discovery evasion impact persistence

android-10-x64

11 signatures

150 seconds

Behavioral task

behavioral3

Sample

a82a05489d6d4a5305ba7b763853c2fa_JaffaCakes118.apk

Resource

android-x64-arm64-20240611.1-en

discovery evasion impact

android-11-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a82a05489d6d4a5305ba7b763853c2fa_JaffaCakes118
- Size
  
  10.6MB
- MD5
  
  a82a05489d6d4a5305ba7b763853c2fa
- SHA1
  
  2764d4065c3b34b6b402434f1a8a5f1889db171a
- SHA256
  
  586b83196e48c3399e03264447acacb2d39d2cfbae6541df48a9a325e8480fcc
- SHA512
  
  ff7a72fecee0b69e53c1b830700c68cb67f57e5afa3125ddc5a18d7c14c0bd5bd705ebf64891be874f8ccf842660ee72f19cecc26ace02e0ab3f3865d134fe28
- SSDEEP
  
  196608:pGRzel+BgXI/H5qgH5AM3/X78oa/5uS5MM+rvSTh9m:ARvRZ5t3/Xs/kS+++
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

discoveryevasionimpactpersistence

behavioral3

discoveryevasionimpact

© 2018-2024

Terms | Privacy