General
Target: b5483122890619306eab2641638948cc_JaffaCakes118
Size: 30.4MB
Sample: 240616-z9yjlayelc
MD5: b5483122890619306eab2641638948cc
SHA1: d46b98cd64696fd118f8503fc7f05049998cf165
SHA256: 1a3f6e65144537cade0ec2d987f6dc6dda488cc73bc8c62335f5f9588d87ee0d
SHA512: c08ceda0eab4ed0a59f9e036fc0cef753826cbd013a75083fd82bb3321989337ed03517b9c61b5dcf1a6c65cfaab4480495d2091d21e0679b9042aaed21ed5d0
SSDEEP: 786432:Va7dL3i51ZajCplsHuu07R+EMs1u6R7cPl:+E1EC8ODdb1u6Sd
Static task: static1
Behavioral task: behavioral1
  Sample: b5483122890619306eab2641638948cc_JaffaCakes118.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral2
  Sample: b5483122890619306eab2641638948cc_JaffaCakes118.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral3
  Sample: tsplustheme.apk
  Resource: android-x86-arm-20240611.1-en
Behavioral task: behavioral4
  Sample: tsplustheme.apk
  Resource: android-x64-20240611.1-en
Behavioral task: behavioral5
  Sample: tsplustheme.apk
  Resource: android-x64-arm64-20240611.1-en
Malware Config
Targets
Target: b5483122890619306eab2641638948cc_JaffaCakes118
Score: 8/10
- Checks if the Android device is rooted.
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
  Checks for Android system properties related to Qemu for Emulator detection.
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
- Reads information about phone network operator.

Target: tsplustheme.skin
Size: 1.3MB
MD5: cfc1029d035de2ce5d9f7bedaf3109f8
SHA1: 9b578111bb1cdfa0fb7f8315151fcc59bf2e545b
SHA256: d4a23783a8cdd83e87cff2d0aa0116ff634811af295dc70dda03f4485305f9f3
SHA512: f154e0059482652965dca01d1932ae182bf0e901a82d8566b953cc81a002ba93a18424bfc687e261659636357be5b3f805ec2f6e90c9877bba1a84f8ca6a0a74
SSDEEP: 24576:Q8eqVX5fVIm1Qfi72SsKVdPCUmXQOOtwlxzwJhwgt3/JNI9caFcqS:bPwqQUMKVdPCUmXpOtwxzwJhwgt3BNIk
Score: 1/10