General
Target: 04740989c14ab33a2ff2696db96d0c1f_JaffaCakes118
Size: 4.6MB
Sample: 240728-bg171ssckf
MD5: 04740989c14ab33a2ff2696db96d0c1f
SHA1: 997b7fa513c2c6ecce1247f129da6680e8a4c97b
SHA256: 5cb252c70a223901b3005816ddd87a0e7e67f32bb44af63cb6dc1482f9bcd577
SHA512: fa1a714626215f057007bc5759b5ba6b0108da6c08f331643322ff05195ffa0929c1be2377e612c06fe427e9c643611eb6805251ef29fe3fbacd18cdcf117a28
SSDEEP: 98304:21EqttcTPcM640/AB+b7n7Vg7W3vuPbqwTKCvqeMKXDDLYEfKr9:UsT0MbhB+v7p32PewTKaTzDVfKr9
Static task: static1
Behavioral task: behavioral1
Sample: 04740989c14ab33a2ff2696db96d0c1f_JaffaCakes118.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: 04740989c14ab33a2ff2696db96d0c1f_JaffaCakes118.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: 04740989c14ab33a2ff2696db96d0c1f_JaffaCakes118.apk
Resource: android-x64-arm64-20240624-en
Malware Config
Targets
Target: 04740989c14ab33a2ff2696db96d0c1f_JaffaCakes118
Hydra payload
Makes use of the framework's Accessibility service: Retrieves information displayed on the phone screen using AccessibilityService.
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Queries information about active data network
Queries the mobile country code (MCC)
Reads information about phone network operator.