General
-
Target
b6ce7d4d35d5cd390b1d71b6585de8db_JaffaCakes118
-
Size
12.1MB
-
Sample
240617-fa28ysvdla
-
MD5
b6ce7d4d35d5cd390b1d71b6585de8db
-
SHA1
9887f7a1f4f5a291564b820c907a90290f2f6246
-
SHA256
6da84996845fde20db45391351da159855ea071641b079eec3ff8b9b5f396e61
-
SHA512
e9ccf5942d3c57ab5ecc172fcf6675e6cb1b5be51fee43c1b9f820471a9196eee910a8c223ad08c28217342e1f398e207f32f3e77ac4602f514c14624edcafa8
-
SSDEEP
196608:b3pV2CSLaRgD2gfHoSYPRidWLJClArucbPUOHZanYHsgl+/HLo:b3pE7LN2gfscaReOoYHAM
Static task
static1
Behavioral task
behavioral1
Sample
b6ce7d4d35d5cd390b1d71b6585de8db_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
b6ce7d4d35d5cd390b1d71b6585de8db_JaffaCakes118.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
alipay_msp.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral4
Sample
alipay_msp.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral5
Sample
epayx.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral6
Sample
epayx.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral7
Sample
epayx.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
b6ce7d4d35d5cd390b1d71b6585de8db_JaffaCakes118
-
Size
12.1MB
-
MD5
b6ce7d4d35d5cd390b1d71b6585de8db
-
SHA1
9887f7a1f4f5a291564b820c907a90290f2f6246
-
SHA256
6da84996845fde20db45391351da159855ea071641b079eec3ff8b9b5f396e61
-
SHA512
e9ccf5942d3c57ab5ecc172fcf6675e6cb1b5be51fee43c1b9f820471a9196eee910a8c223ad08c28217342e1f398e207f32f3e77ac4602f514c14624edcafa8
-
SSDEEP
196608:b3pV2CSLaRgD2gfHoSYPRidWLJClArucbPUOHZanYHsgl+/HLo:b3pE7LN2gfscaReOoYHAM
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests dangerous framework permissions
-
-
-
Target
alipay_msp.apk
-
Size
748KB
-
MD5
d06ea38e4210a87d6b96f8b0491df677
-
SHA1
3ba573396398757088e559a9d372049a377eb05a
-
SHA256
76a24f83ad15586ff9a2081e420a707be9ddb0b5047e5b6de5974c41624ff2c1
-
SHA512
3d43e5bfad2b703a804a53048b6a88228a11fb80ac641d6594f774cc07f6c7367e0ee80b29966d02c9206542f467f55b0f1ddbbfef0ec372256314a7d1071f30
-
SSDEEP
12288:IjRAsoln+WMB1EgrGERh4xWgtSM7vXrRCn4I5p2Cnfv:IjRApZ+WM7yER61P7jw4IGSfv
Score1/10 -
-
-
Target
epayx.jar
-
Size
175KB
-
MD5
e70d3c3ff87401690af6a24542304a6c
-
SHA1
4ed2a412969626fb6f7cba98338c29160f9b99c2
-
SHA256
6a752a41d365e98a27cdad043a69d688b320df708227deb182b276ef14e87351
-
SHA512
15b102a0397becccaf1780df053290e4569b4fe3c28cf722922df7dca3cb72b8ebf89ab33cea62354038eaf3d1dbad39f3696ced47ceeb0365b84a5716b57548
-
SSDEEP
3072:Zaau3uCBHk77yuepqPs7R35NON2UUuE2oFFN9aDDMVEnYdY+HUbfGer:Za7dHl0MR35NOUUqRFFN0v8EnYdYmU7B
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2