General
-
Target
f6a294d150c5c291e2f998a8cd4e4874_JaffaCakes118
-
Size
13.6MB
-
Sample
241216-bqf87sykeq
-
MD5
f6a294d150c5c291e2f998a8cd4e4874
-
SHA1
e118d7785f84eab2cbf9e3fce144c08e05f8df3b
-
SHA256
71768a11c8503aef5ef025423e0dd41f526bb5ec27ddca2e128bb7c1ad033c82
-
SHA512
41b5408de4470a95d565a80c5a5596a4b87edfa00a105fa7b683a4675b043d5d39c829d42db94b9835b626aed30a9c36fa16a9baf5d72619013d0d6b63186fa4
-
SSDEEP
393216:P9Ow1aZ85fVGEAA9SVSEArrHnexhdPWACDIurRo951b7:EwnhA0SZ0i1C8c2N
Behavioral task
behavioral1
Sample
f6a294d150c5c291e2f998a8cd4e4874_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
f6a294d150c5c291e2f998a8cd4e4874_JaffaCakes118.apk
Resource
android-33-x64-arm64-20240624-en
Malware Config
Targets
-
Target
f6a294d150c5c291e2f998a8cd4e4874_JaffaCakes118
-
Checks if the Android device is rooted.
-
Queries the phone number (MSISDN for GSM devices)
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
Tries to add a device administrator.
-
Checks the presence of a debugger
-
MITRE ATT&CK Mobile v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Device Administrator Permissions (1)
Defense Evasion
Hide Artifacts (1)
Suppress Application Icon (1)
Virtualization/Sandbox Evasion (1)
System Checks (1)