General
-
Target
ba2b69d1af6627ef3c035bf816b6743f_JaffaCakes118
-
Size
15.0MB
-
Sample
240617-3tjmaayhjh
-
MD5
ba2b69d1af6627ef3c035bf816b6743f
-
SHA1
3f46df96abe2f63529427f9201e086fa05ca7639
-
SHA256
b283a7573149259deedd678e22cf5fe05a3012682de0d06d9362e168bfd0fd5b
-
SHA512
780dc478df750c325cbe8f6c0d9f5e1c0681fc9a579f4e4dd9d99de7a0ac0dc41b292698d03a22e44b061c172d2768691a1d6534f1e2a7e4d0225e112b5bf811
-
SSDEEP
393216:KYVQYosOG5PRJ4PuYN5QF33HRBUIO3AksAjNp8owFI:Z7oCkxNm33H75ObD8I
Static task
static1
Behavioral task
behavioral1
Sample
ba2b69d1af6627ef3c035bf816b6743f_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
aisdk_qtt.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral3
Sample
aisdk_qtt.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral4
Sample
aisdk_qtt.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral5
Sample
unpreverified.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral6
Sample
unpreverified.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral7
Sample
unpreverified.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
ba2b69d1af6627ef3c035bf816b6743f_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
aisdk_qtt.jar
-
Size
459KB
-
MD5
6ca2f499b5f3d357ad5dccbf6a94a1a5
-
SHA1
df96d1d8b24065991a5c8a88586666156ae3c8e4
-
SHA256
0fc72ca824284950f5f69014757feac50626f139440f88d492531ff4e03ea2cf
-
SHA512
1be05ec408ed28559ef2345203b61888b94219d92a2c8eb12c939c140688a9211d34fd322752195c45ed8c6be200d78cda7fff36a4654fe054a28e401347497e
-
SSDEEP
6144:6u+O0NAME6POXcDN5vNpcJM55mY/CDS6FNKhiaVqa5au21wtFIp0IS81dLYxTORX:6u+FAks8YJS5ADqVqaAu21w4p91iEF
-
Score
1/10
-
-
Target
unpreverified.patch
-
Size
1KB
-
MD5
1b526370068cccc3106816f765e92582
-
SHA1
ba39b4d43095379d51b678f9545d16e05a461c42
-
SHA256
1c573224f0c70b31ada709c380a494fef5f605b18df7615ffa71f98d03ff4031
-
SHA512
cabf88b012aee9ebac2a32fa1efda127723b8c4e38de76784ea4867c2ec47ed27afcb4990cd63fe3525c0f6119fa019da82a259a5fa546c8ed844fdf78b88260
-
Score
1/10