General
-
Target
ba7f7f013a817bf77253370452514d05_JaffaCakes118
-
Size
27.8MB
-
Sample
240618-jgdqqatcpd
-
MD5
ba7f7f013a817bf77253370452514d05
-
SHA1
89e5c5012294649d21ededbc1a881e1e2a92f84d
-
SHA256
a1b9eae661910cffe5e55ee407e69bb64c93eb26352bfb29e66c2632e080c1b4
-
SHA512
550fb08fb7b3347b8bfef685f3a12b0a0c65d6ec43aacdad98721ba020f5c606fdca5959339666cbd66c7026543605443f2374aa2ef42e0ba8685dc7f6c8e6d3
-
SSDEEP
786432:f/YXs7ebDShH3N5VoNKGmf9UIJ4SmYliOxcM+eW1M9OEaRx:o872DSdVmwJi9E4Ssx
Static task
static1
Behavioral task
behavioral1
Sample
ba7f7f013a817bf77253370452514d05_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral3
Sample
bdxadsdk.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral4
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240611.1-en
Behavioral task
behavioral5
Sample
gdtadv2.apk
Resource
android-x86-arm-20240611.1-en
Malware Config
Targets
-
-
Target
ba7f7f013a817bf77253370452514d05_JaffaCakes118
-
Size
27.8MB
-
MD5
ba7f7f013a817bf77253370452514d05
-
SHA1
89e5c5012294649d21ededbc1a881e1e2a92f84d
-
SHA256
a1b9eae661910cffe5e55ee407e69bb64c93eb26352bfb29e66c2632e080c1b4
-
SHA512
550fb08fb7b3347b8bfef685f3a12b0a0c65d6ec43aacdad98721ba020f5c606fdca5959339666cbd66c7026543605443f2374aa2ef42e0ba8685dc7f6c8e6d3
-
SSDEEP
786432:f/YXs7ebDShH3N5VoNKGmf9UIJ4SmYliOxcM+eW1M9OEaRx:o872DSdVmwJi9E4Ssx
-
Checks if the Android device is rooted.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current nearby Wi-Fi networks
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of photos stored on the user's device.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-
-
-
Target
bdxadsdk.jar
-
Size
266KB
-
MD5
170ce354f12852de7852a2cd8bfd6826
-
SHA1
6068e357aa412ab67c263f20ebfcecfa55a27151
-
SHA256
65a60000cbfd0dd36eefae21eb736eb3bb27c3acc7f0e87368896e6d9a756322
-
SHA512
b04399dc7b7edfba26c3d055c434a221910d9916b3caca8d1768a8ffdcef2f6ddaf4e28187f23528a9209cac133586c050806de36848b3f7345434a088155835
-
SSDEEP
6144:Ld666666666Pm7mJpNzlVtztmWlCshtenRJdzhiOZCFYcgGGcRnaNjjUiS:B666666666Pm7EzlVJtnl5EnRJiOZ/Gl
Score1/10 -
-
-
Target
gdtadv2.jar
-
Size
468KB
-
MD5
6bfe094580c89ba696ef8772de47a552
-
SHA1
210bc4afce84b6e6bb36f97f68f9d3d9d3432643
-
SHA256
a884e386bf4ec066c9a82518c354be513182add87107552b1f4cf33dc80bddd4
-
SHA512
7ae8c9210957f06eb177fa0472ac1fcf80f0e6b1f308ec1906fe059c38623e404b37c34d9e8702cab66efc7ebfdc5400f1506db89b75a5fd1dd915ec2c2086a5
-
SSDEEP
6144:Nz015KiQP/B4tKQ3OTNgdJHqn+9ZMsH5EK9JKp0KMNd4IoCJlv0gxWky9+T2k57:N/Z/B/NgdliEZMs9JhZ4kykTlJ
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
4System Checks
4