General
-
Target
adfab372e028de794eb0d6941aa88ac4_JaffaCakes118
-
Size
20.2MB
-
Sample
240615-mfcntaxbld
-
MD5
adfab372e028de794eb0d6941aa88ac4
-
SHA1
a301328904839a170f67e3ba7397ab2337218a4b
-
SHA256
6be4829aacf90da812de2674d7983a2a45ddaa94b855f27dbef73d4c5226b7ae
-
SHA512
a752d585ca7b38400a0a9a6968572ce0e1a500e8b50d5969ee9f559033334e860bd57bfda8eb8bdc76162e28ec9af7b8453fcb664365bc0998e5f93740fdb5c0
-
SSDEEP
393216:rPYRR8zvrLDBgjudtrIfxkYEPbNnwjGmX55CD7webFJPFTXy7bJ:rPK+vDBaU1IfrEPZnwjn55QweS
Static task
static1
Behavioral task
behavioral1
Sample
adfab372e028de794eb0d6941aa88ac4_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
adfab372e028de794eb0d6941aa88ac4_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral4
Sample
bdxadsdk.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral5
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral6
Sample
gdtadv2.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral7
Sample
gdtadv2.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral8
Sample
gdtadv2.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
adfab372e028de794eb0d6941aa88ac4_JaffaCakes118
-
Size
20.2MB
-
MD5
adfab372e028de794eb0d6941aa88ac4
-
SHA1
a301328904839a170f67e3ba7397ab2337218a4b
-
SHA256
6be4829aacf90da812de2674d7983a2a45ddaa94b855f27dbef73d4c5226b7ae
-
SHA512
a752d585ca7b38400a0a9a6968572ce0e1a500e8b50d5969ee9f559033334e860bd57bfda8eb8bdc76162e28ec9af7b8453fcb664365bc0998e5f93740fdb5c0
-
SSDEEP
393216:rPYRR8zvrLDBgjudtrIfxkYEPbNnwjGmX55CD7webFJPFTXy7bJ:rPK+vDBaU1IfrEPZnwjn55QweS
Score8/10-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
bdxadsdk.jar
-
Size
195KB
-
MD5
c3b999326b7187bdd85fd971f93376d6
-
SHA1
978fa76710506b2aa2dc1502e2697355cc64e34e
-
SHA256
555e565b45d2b030652d914830ad427d15182797886316024a2f04df6ac81d5e
-
SHA512
240981a457a3df5ce7f51ae1e0b323efc37b349a261e21d52ef8e9256d758f5c7dd4bcd6411ca2dc247de1beec2ad1a0f7f49d2370971c8c65f95b0d6c14b31e
-
SSDEEP
3072:bFg/OTNG1obNXB45vAEsreszccGiXzU+wtBJPkyzy4H/mqku/DjEWKVQNCDu:u/Ow+x69ftc9XzStBJ8y5mqkYDjv3Gu
Score1/10 -
-
-
Target
gdtadv2.jar
-
Size
241KB
-
MD5
b95166c2f63e536b6fc4b5b811444dec
-
SHA1
45fc74323bb2e66f4c2a493b65b70e0de2aeb77c
-
SHA256
2f92b98f55c7d4417dff3fc2af9245c66aad3ab8be65177954ed7a4f13bae20d
-
SHA512
65eb813d39270d83e6d43956ec139f04779dbea58e517da1727a0f4fad9de32bb4cd49bed1dc1fec31b95a95b1c653c22b327aa38cba1645330c9d256d94c087
-
SSDEEP
6144:KRKhU/uUwjTCpnUjgWkiCBliWLvghUhSj4qj80Gq7JqBGK:KoUmUgenUjwBl1jgVjJ57IBl
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Execution Guardrails
1Geofencing
1Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
3System Checks
3