General

Target: afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118
Size: 4.9MB
Sample: 240615-ws8fpazdqa
MD5: afb98f0c27e234d4eb68355dc33099b7
SHA1: 2b6aca4b56e2c0f265568dfa00b630c0de180109
SHA256: 1bba1da3f9df37c9c47fba04ec9c63ec389c2c3984d7e300c7e535b3970a0729
SHA512: 664b2fdb4666c1b95e1f85930b7a07b82ef502d44af4d03c2dcbfc08b97c1917f83edb4c8f7ba490aff945f9e7c77e3595a23e34d48329a8d4c37f9e9601b31f
SSDEEP: 98304:pZUjAlOjAw+aBC7ZmCJ+j+79O+oH13Hmx6SvGESVuf:QsOvr0YCMOO+oHBGx6SWV6

Static task: static1

Behavioral task: behavioral1
Sample: afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118.apk
Resource: android-x86-arm-20240611.1-en

Behavioral task: behavioral2
Sample: afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118.apk
Resource: android-x64-20240611.1-en

Behavioral task: behavioral3
Sample: afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118.apk
Resource: android-x64-arm64-20240611.1-en

Malware Config
Targets

Target: afb98f0c27e234d4eb68355dc33099b7_JaffaCakes118

Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Queries information about active data network

Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

Queries the mobile country code (MCC)

Queries the unique device ID (IMEI, MEID, IMSI)

Reads information about phone network operator