General
-
Target
85cd09e9ec18a57642b688d48b693c59_JaffaCakes118
-
Size
2.7MB
-
Sample
241102-q9xsmaypep
-
MD5
85cd09e9ec18a57642b688d48b693c59
-
SHA1
a7ba8280e6a87098a457af857e97d279cfeb8027
-
SHA256
8b38756b8c60c1b40553a8169f412eab623d936898a842b1f1f7dd9f657dbf4b
-
SHA512
f4c2654a8fb740543774f28ba384da06ed9a6411a7e29758f5b5f70ac9fd29b6cd8277f9aa61b311bef05506259285ea4de65bfd91703692848d4449aa579be0
-
SSDEEP
49152:4Bf12sNt1QUKxE1Iuv8wsB8cUWsOr0LnIkW54+XiYklUUBC8kuo9sWfzyqOLTj61:i8Q1Q81Iuv8wsOc9sOr0LnIn5pXiZ9zg
Static task
static1
Behavioral task
behavioral1
Sample
85cd09e9ec18a57642b688d48b693c59_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
alipay_plugin_20130621msp.apk
Resource
android-x86-arm-20240624-en
Malware Config
Targets
-
-
Target
85cd09e9ec18a57642b688d48b693c59_JaffaCakes118
Score
7/10
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
-
-
Target
alipay_plugin_20130621msp.apk
-
Size
354KB
-
MD5
7b3353b143078dbafd37485f8136728e
-
SHA1
f2d312754bb2c4854849381997561d09a90b4fb9
-
SHA256
e86f24838e0aa5527adf3d129652bf70b67990989bf7e8c8d61c3356231ce1ac
-
SHA512
0f326957abeebaed130da1f6ec7a53de5dd9671d6ae7d975f2b6172af4c323df81efd0f6d4b8a1e4197d5dd35d4419c658f1c936a404bbf9d7e73ee71a5e06f8
-
SSDEEP
6144:Iv8DL7okgHi/BBs3dWcfihtB7+Y3Ju4g2Tf5C8EcPK+WvyQcy2fny43:Iv67gC/BBsNWfh3VcG5CLE8Rcy2fny43
Score
7/10
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime (1)
Execution Guardrails (1)
Geofencing (1)
Virtualization/Sandbox Evasion (2)
System Checks (2)