General
-
Target
ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118
-
Size
1.4MB
-
Sample
240614-z172nswdlf
-
MD5
ab7cbe5faec3d964479537a5967ad70c
-
SHA1
9721ca1ae5936030c9303e78e7954c779a8bf7da
-
SHA256
e88995104eb72670f3435f982d2657cf93ffb3621d865dc66ac3882a4c9959b4
-
SHA512
0866427af5b15fd5cf7252fa42696901702844385727573b355574cf2e53f2d25384df7bc0c3af701476cb16cd9c13bce04d75e8a2faa66fa0c1f398756873e3
-
SSDEEP
24576:+2SmX5SlbFFae3cGIR2+G8KJNvQvfCBc7bRfEVojaA0zhRzFksGmn5SIe1Hku7Yw:V5SlBFbIR2eKLvQvEcvpEyT0msGmn5cl
Static task
static1
Behavioral task
behavioral1
Sample
ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral4
Sample
__pasys_remote_banner.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral5
Sample
__pasys_remote_banner.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral6
Sample
__pasys_remote_banner.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
ab7cbe5faec3d964479537a5967ad70c_JaffaCakes118
-
Size
1.4MB
-
MD5
ab7cbe5faec3d964479537a5967ad70c
-
SHA1
9721ca1ae5936030c9303e78e7954c779a8bf7da
-
SHA256
e88995104eb72670f3435f982d2657cf93ffb3621d865dc66ac3882a4c9959b4
-
SHA512
0866427af5b15fd5cf7252fa42696901702844385727573b355574cf2e53f2d25384df7bc0c3af701476cb16cd9c13bce04d75e8a2faa66fa0c1f398756873e3
-
SSDEEP
24576:+2SmX5SlbFFae3cGIR2+G8KJNvQvfCBc7bRfEVojaA0zhRzFksGmn5SIe1Hku7Yw:V5SlBFbIR2eKLvQvEcvpEyT0msGmn5cl
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
__pasys_remote_banner.jar
-
Size
114KB
-
MD5
2ad9fb4b2d9b333883b7e38f61c2fd2f
-
SHA1
5b85041452d173ed0d81d25b9ca78608a998e328
-
SHA256
b9310a99f1b60959f6b725eea74623dc491adec55da740c17e8c7e02f35818f5
-
SHA512
6fc04e1e22ebf8920b4928a8086cf3e0814d155f79f80d71622916f6a0911262382710e5ee2acea653db4b387730e201134592cb9992b14f3aef8b09d83bda90
-
SSDEEP
3072:9cU7bD2h2Z5ecVpoj8eVJBl52Dx9yW0jv2gspIn:m8n28Z5eAs8S73InyWmug9
Score1/10 -