com.cloudd.newuser.MainActivity
android.intent.action.MAIN
android.intent.action.VIEW
cn.jpush.android.ui.PushActivity
cn.jpush.android.ui.PushActivity
Behavioral task
behavioral1
Sample
badda468470a02f8d3343f26e21761e9_JaffaCakes118.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
badda468470a02f8d3343f26e21761e9_JaffaCakes118.apk
Resource
android-x64-arm64-20240611.1-en
Target
badda468470a02f8d3343f26e21761e9_JaffaCakes118
Size
27.2MB
MD5
badda468470a02f8d3343f26e21761e9
SHA1
fcdc4dfe4385cb21e223a08f84d8dd98c89509b2
SHA256
f506ef821d791407162307c0fa9430c53bc63cb5ea8c4515c2263d2425ca8279
SHA512
275ce1b3093944cd15277a4dd2d9e112401d15ed7826e68bec51573984429c051d0bf2921afd7219c5514c0102ae0b9f508473d86b54839372c31eedd7a48587
SSDEEP
786432:l6z/Fa/N+JXECFHEHHLJbs9fix/avObvPhne:WNqZCNALJ+qx/a25e
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
| resource | yara_rule |
|---|---|
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| sample | patched_upx |
| resource | yara_rule |
|---|---|
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| sample | upx |
| description | ioc |
|---|---|
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION |
| Required to be able to access the camera device. | android.permission.CAMERA |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE |
| Allows an application to record audio. | android.permission.RECORD_AUDIO |
android.intent.action.MAIN
android.intent.action.VIEW
cn.jpush.android.ui.PushActivity
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.MOUNT_ONMOUNT_FILESYSTEMS
android.permission.CAMERA
com.cloudd.newuser.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.RECORD_AUDIO
android.permission.FLAG_GRANT_READ_URI_PERMISSION
com.google.android.c2dm.permission.RECEIVE
cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.UNREGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION
cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY
android.intent.action.USER_PRESENT
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
cn.jpush.android.intent.REGISTRATION
cn.jpush.android.intent.MESSAGE_RECEIVED
cn.jpush.android.intent.NOTIFICATION_RECEIVED
cn.jpush.android.intent.NOTIFICATION_OPENED
cn.jpush.android.intent.ACTION_RICHPUSH_CALLBACK
cn.jpush.android.intent.CONNECTION
cn.jpush.android.intent.RECEIVE_MESSAGE
com.android.vending.INSTALL_REFERRER
cn.jpush.android.intent.REGISTER
cn.jpush.android.intent.REPORT
cn.jpush.android.intent.PushService
cn.jpush.android.intent.PUSH_TIME
cn.jpush.android.intent.DaemonService
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.WAKE_LOCK
android.permission.MOUNT_ONMOUNT_FILESYSTEMS
android.permission.CAMERA
com.cloudd.newuser.permission.JPUSH_MESSAGE
android.permission.RECEIVE_USER_PRESENT
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_TASKS
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
android.permission.RECORD_AUDIO
android.permission.FLAG_GRANT_READ_URI_PERMISSION
com.google.android.c2dm.permission.RECEIVE