General
-
Target
49b6a9d41ad910ac3ac75bb575a2524a_JaffaCakes118
-
Size
16.8MB
-
Sample
241015-yl7lxsxhpm
-
MD5
49b6a9d41ad910ac3ac75bb575a2524a
-
SHA1
b55bca9c73f8c227659614451860d166b3959c80
-
SHA256
f790883eb84f8b1f2b6fa833fd210f3ad3ed849833f1537368b284e99f262228
-
SHA512
69fade94a8753036fb075f869870486feea7bff6305e3541f54708ca4f234a23f7d2b509e0caddbff3f338db5f08849e95b2bfc68df4c0837975cdda48176909
-
SSDEEP
393216:XOQx/2lO+TGjkb3uy2yu9j6trqxfzSisfapRwqPu5C:XOq/2lB+NlUrSaaRu5C
Static task
static1
Behavioral task
behavioral1
Sample
49b6a9d41ad910ac3ac75bb575a2524a_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
49b6a9d41ad910ac3ac75bb575a2524a_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
LehihiSafePay.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral4
Sample
LehihiSafePay.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral5
Sample
LehihiSafePay.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral6
Sample
ZqhySafePay.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral7
Sample
ZqhySafePay.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral8
Sample
ZqhySafePay.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
-
-
Target
49b6a9d41ad910ac3ac75bb575a2524a_JaffaCakes118
-
Checks if the Android device is rooted.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
LehihiSafePay.apk
-
Size
1.0MB
-
MD5
f470ec8d399ad6db0384168bcff095a9
-
SHA1
10aaee0a7df2a3974dff8ab5d2d807e7568c0d56
-
SHA256
786b3d9666bf35a537085afe67c7f8ece70621bd120c0c26c0be957ca40d4c57
-
SHA512
44643b5088661f0e21da8de025ac30662f1cda544e7ecca9bd910f743991dcd447a6249e1d7ee402ba26e98760a82cbd58e6f7c108039ae0b82724640c211ddb
-
SSDEEP
24576:PAN9dwihC1CJUDcOflmlsM/mFVMnmZsiNe+:PARwKGrm+NFenmZsiNF
-
Score
1/10
-
-
Target
ZqhySafePay.apk
-
Size
1.0MB
-
MD5
fd719d8398cdefa19ea1e6771ac920d5
-
SHA1
24191e6dc40c95f1ef62c59cb6d64caafa71ef26
-
SHA256
76af0c879267d03328fee2064dcb2fafdbb007f9fabfbf55f543bfd38dc83f00
-
SHA512
9b638eaff5be9ef1058971f43fdd0dfe7464b34ee33d89139b39dc6b71bcd73184fdda6276dc16433d7f2effb6ff5204760c2d0f427860c0e5f6e5e5e39b209f
-
SSDEEP
24576:wZ1BEoimgZusEviyw+Usx3jnKTl0ypAF7ltIfhnPvsiNl3:wnaFZ06yhn3Cr8tWhnPvsiNB
-
Score
1/10