General
-
Target
58126b67676dacede73e09c7f79880da_JaffaCakes118
-
Size
6.3MB
-
Sample
241018-sde9tashjb
-
MD5
58126b67676dacede73e09c7f79880da
-
SHA1
40c1c3914dffb76d63e33598119d70ee4779811f
-
SHA256
dd172f66012c1b72e6955a8de8a07e7d49a493479affe4985e86072d3ec48792
-
SHA512
2e89a147e6467be2e00291abd6421c212e430e63c78914aa37593faa20c2df24b338e36ccd98699683593c5740be789074a338e4379c9402226548a4a33911f5
-
SSDEEP
98304:i9hGH/oneU/d0jczSslhut/viRAMtNKGzVxJREy+KJfKvqAkBwxlXqXZv:i9hyAyEkt/antNJz5JXFKStp
Static task
static1
Behavioral task
behavioral1
Sample
58126b67676dacede73e09c7f79880da_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
58126b67676dacede73e09c7f79880da_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
dump.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral4
Sample
dump.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral5
Sample
dump.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral6
Sample
rooter.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral7
Sample
rooter.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral8
Sample
rooter.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
58126b67676dacede73e09c7f79880da_JaffaCakes118
-
Size
6.3MB
-
MD5
58126b67676dacede73e09c7f79880da
-
SHA1
40c1c3914dffb76d63e33598119d70ee4779811f
-
SHA256
dd172f66012c1b72e6955a8de8a07e7d49a493479affe4985e86072d3ec48792
-
SHA512
2e89a147e6467be2e00291abd6421c212e430e63c78914aa37593faa20c2df24b338e36ccd98699683593c5740be789074a338e4379c9402226548a4a33911f5
-
SSDEEP
98304:i9hGH/oneU/d0jczSslhut/viRAMtNKGzVxJREy+KJfKvqAkBwxlXqXZv:i9hyAyEkt/antNJz5JXFKStp
-
Checks if the Android device is rooted.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
-
-
Target
dump.jar
-
Size
61KB
-
MD5
f9cf48ff6d32732ffaf79c05f3745773
-
SHA1
4ca8f44ed57e242541be42625a7a681e29c590eb
-
SHA256
13aed9b00d6ac86c15b01f2d2c96dd9da03b6a977829a39376e50934fa7533b4
-
SHA512
8ecebd70a66745084562ecbdb5690930b2623ad0d3c4c6c170f2e1ec988890b8b8ad1b5c68fc6dbe81bf24279b19d20d5adb305deb86273cd07a4c79fade2f52
-
SSDEEP
1536:rRwvGtBVll2gPANN3Soewbkepe+1v+eSZxHidXHbN2E65+o:rRwQBVll25NpSoewAWe++eSZxC1Z6co
Score1/10 -
-
-
Target
rooter.jar
-
Size
230KB
-
MD5
79bb88c51f6592fa6b36d76c5e2f9dc9
-
SHA1
ab6d2b103c3d86cff02f2ca6175ab8060f557ed9
-
SHA256
c1ed6649dd3114d92836520c61480a38308dfb2eed5869a5d296fbcb48fac233
-
SHA512
f2c5951dee97bb24b4ef8249f1d13e2056ce36e5f27647670635ce80b5976926f382255c01ecc0b318cc7e1233d83d8fb8e03ae747cfba9d9c7d39b26550152c
-
SSDEEP
6144:01jcTY+DMB2NW6Sxj3184rAR9ZF2dI8qRuD+BIWJVlTYfjPcyg:UjcjA286Sl6ZF2m1UD+zTY70d
Score1/10 -
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Virtualization/Sandbox Evasion
1System Checks
1