General
-
Target
b8e31bdea68a3aa3cd04eb6ac8190ecc_JaffaCakes118
-
Size
3.7MB
-
Sample
240617-qwdgtsxcnq
-
MD5
b8e31bdea68a3aa3cd04eb6ac8190ecc
-
SHA1
45ccd6465243663773a57bc420b15bd440b41535
-
SHA256
d8398bb3e3f5a0d1488f164be04306d0e0d7fadd4c782149b4352da5a624b952
-
SHA512
18c4b724264976a705d5404cd29ab8eb366c06c1ed854a35e8ec8b3bf352aff9dce47dd47f4b83cbfc43eb47f67581492e96d8dbf46b1361d8127c6119f9d2ce
-
SSDEEP
98304:okhqJO5xpW34hcQSC0c23yYOGkCWRolLKbwthzDcu0zr3:hoGCte2CXCWyR6+1a
Static task
static1
Behavioral task
behavioral1
Sample
b8e31bdea68a3aa3cd04eb6ac8190ecc_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
sdk.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral3
Sample
sdk.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral4
Sample
sdk.apk
Resource
android-x64-arm64-20240611.1-en
Malware Config
Targets
-
-
Target
b8e31bdea68a3aa3cd04eb6ac8190ecc_JaffaCakes118
-
Size
3.7MB
-
MD5
b8e31bdea68a3aa3cd04eb6ac8190ecc
-
SHA1
45ccd6465243663773a57bc420b15bd440b41535
-
SHA256
d8398bb3e3f5a0d1488f164be04306d0e0d7fadd4c782149b4352da5a624b952
-
SHA512
18c4b724264976a705d5404cd29ab8eb366c06c1ed854a35e8ec8b3bf352aff9dce47dd47f4b83cbfc43eb47f67581492e96d8dbf46b1361d8127c6119f9d2ce
-
SSDEEP
98304:okhqJO5xpW34hcQSC0c23yYOGkCWRolLKbwthzDcu0zr3:hoGCte2CXCWyR6+1a
-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
sdk.jar
-
Size
127KB
-
MD5
4e193ee40974b27cfbaaae738c670d52
-
SHA1
43208c4de7a277ee19653807418cdcc32ab164af
-
SHA256
51867af300d957236f2cc616fa505fe20e7eb5e6dd2614c13c68ee2da2ef6028
-
SHA512
ce46b1938f3f84fe5101c8d922ebdf30f757ac401e608f43047d8472e07092f38da7557aca184652c0d3be033873616381a7d2471072544f6f0f911fa413b24e
-
SSDEEP
3072:SjgQZzGBVY0KmSiPTPwljjVFgCIbzmfT0h4jQyv:2gQZSBdK1iPTPwdhFgfmfTY6Qyv
Score1/10 -
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Input Injection
1Virtualization/Sandbox Evasion
4System Checks
4Discovery
Process Discovery
1Software Discovery
1Security Software Discovery
1System Information Discovery
3System Network Configuration Discovery
3System Network Connections Discovery
2