General
-
Target
82885a949c25ca50566c12222cfe27ee_JaffaCakes118
-
Size
3.4MB
-
Sample
241031-kvbc7awqck
-
MD5
82885a949c25ca50566c12222cfe27ee
-
SHA1
86034e198a15b5f90326649e2065334df853d1cc
-
SHA256
580519107c98a798270aed077e9d874a62507010a56b5c9127cac72c7e0e0695
-
SHA512
387f08b46c4ca32fc55db8e7bc7e6975a0fdf3e1fab0085137331007b63c9a3823d88d733a82d10decb820fa92fd2d9f1f10913be5a7db02827209861d26469f
-
SSDEEP
98304:yhWoIOUb5cHO0KiByS9Ojxud6uKni/nbEnRE0:L5cHpjcxudKEbERE0
Static task
static1
Behavioral task
behavioral1
Sample
82885a949c25ca50566c12222cfe27ee_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
82885a949c25ca50566c12222cfe27ee_JaffaCakes118.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
82885a949c25ca50566c12222cfe27ee_JaffaCakes118.apk
Resource
android-x64-arm64-20240910-en
Behavioral task
behavioral4
Sample
SLSDK.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral5
Sample
SLSDK.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral6
Sample
SLSDK.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
82885a949c25ca50566c12222cfe27ee_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about active data network
-
Queries the mobile country code (MCC)
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-
-
-
Target
SLSDK.apk
-
Size
551KB
-
MD5
19df8a31fb37c64cc9c3a7626c1c2a4a
-
SHA1
caedab35ebb979278623a49121165f2cb1962e49
-
SHA256
24e625ee70aee9c6c2ee08a0f83ed8f529beaed7ae8d1364f55ee7e3f1bd2137
-
SHA512
a3214c9d5aa5565410d39571bfe3c66ea0abf551ba66260ab1590110d4de4dd100cadca23260412c54d04c42999913178fd412c5dc24992c960768e20e0e88fa
-
SSDEEP
12288:kfNpcEAI9q6LHkBqgouSWYwOW4EaHZEAJJnNHPFPLfNtfaMQB+2aT:sjzAqqWsmNHFLfbfarotT
-
Score
1/10
MITRE ATT&CK Mobile v15
Privilege Escalation
Abuse Elevation Control Mechanism 1
Device Administrator Permissions 1
Defense Evasion
Download New Code at Runtime 1
Input Injection 1
Virtualization/Sandbox Evasion 3
System Checks 3
Credential Access
Clipboard Data 1
Input Capture 2
GUI Input Capture 1
Keylogging 1
Discovery
Process Discovery 1
Software Discovery 1
Security Software Discovery 1
System Information Discovery 3
System Network Configuration Discovery 3
System Network Connections Discovery 1