General
-
Target
afd4b67b2f23f688df40929b18d6124c_JaffaCakes118
-
Size
28.5MB
-
Sample
240615-xcna9a1ckg
-
MD5
afd4b67b2f23f688df40929b18d6124c
-
SHA1
8f37d2957e9a4c405ced4ac782f5cadfbbe85645
-
SHA256
99c9e3c2dc13326ab673ad980d560c345bca9d4730215a31e39974303ad0fbe2
-
SHA512
4751c502a1f5422e6011e0fc9bc8b47800765ea4b1bf62eac6d28124ede44a0a24f38e10cd1af46479ed30b34fa6a593ba48b62817b92e391a3988420e8dc86f
-
SSDEEP
786432:8KiNRdOm+4rivSUHBVBXkA+x0/GwCeLZ+Q2tBn43:8/Re4rKS0u2stBa
Static task
static1
Behavioral task
behavioral1
Sample
afd4b67b2f23f688df40929b18d6124c_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Malware Config
Targets
-
-
Target
afd4b67b2f23f688df40929b18d6124c_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-