General
-
Target
85d09193e6f27bf774dc10055d1555f6_JaffaCakes118
-
Size
3.0MB
-
Sample
241102-rbnmqsvrhw
-
MD5
85d09193e6f27bf774dc10055d1555f6
-
SHA1
f4f1788cb46f010e19813bdb851b121151d790af
-
SHA256
704765f50047b77812154c2f4cc17fba5f067a4ac300f207e31c85a8bb1d221b
-
SHA512
18df9cc0c2f1849059d5fc775a20bc6bed627cc681f2fbe01fc8831837f699a015943a7240a99ac815b816b405f14563d552f0aa1d1e06873226b47900686419
-
SSDEEP
49152:xZFmny0L3F5XvfmsWMxAigmGVhSu8OM8yfeEFaEN5x2qDkwMfNI:xZFmnyC3/vfRRgLGO/yfeHENH2qDkwmO
Static task
static1
Behavioral task
behavioral1
Sample
85d09193e6f27bf774dc10055d1555f6_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
85d09193e6f27bf774dc10055d1555f6_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240624-en
Malware Config
Targets
Target
85d09193e6f27bf774dc10055d1555f6_JaffaCakes118
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC)
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime: 1
Virtualization/Sandbox Evasion: 3
System Checks: 3