3dd068f1665554bddadbe32adcc540d5441de111b38dbb1eeac1c7551a282e71 | Triage

Submit
Reports

Overview

overview

7

Static

static

6

23b61fadd9...18.apk

android-9-x86

6

23b61fadd9...18.apk

android-10-x64

7

23b61fadd9...18.apk

android-11-x64

7

Sharing

General

Target

23b61fadd9db6e2ddd8f583bed66ad63_JaffaCakes118
Size

1.6MB
Sample

240703-2nvxpazdjk
MD5

23b61fadd9db6e2ddd8f583bed66ad63
SHA1

3a6b6a6efcf33f33385fc4ae4d2f64aaf767f805
SHA256

3dd068f1665554bddadbe32adcc540d5441de111b38dbb1eeac1c7551a282e71
SHA512

30bad8dbf9f2dddec25bba214207417387551e58cb7c17e239bc0f2718740892c66282e493887ec1b7b83c0ae43fc73bebb7faa7d5fb33efc649473b271154c1
SSDEEP

49152:mXFqPAUfFOb01ijjTrBQIaGKxNOgp3NXBjYl:m2e01C9aGKxNB9XBjYl

Score

7^/10

android collection credential_access discovery impact persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

23b61fadd9db6e2ddd8f583bed66ad63_JaffaCakes118.apk

Resource

android-x86-arm-20240624-en

discovery persistence

android-9-x86

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

23b61fadd9db6e2ddd8f583bed66ad63_JaffaCakes118.apk

Resource

android-x64-20240624-en

collection credential_access discovery impact persistence

android-10-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

23b61fadd9db6e2ddd8f583bed66ad63_JaffaCakes118.apk

Resource

android-x64-arm64-20240624-en

collection credential_access discovery impact

android-11-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  23b61fadd9db6e2ddd8f583bed66ad63_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  23b61fadd9db6e2ddd8f583bed66ad63
- SHA1
  
  3a6b6a6efcf33f33385fc4ae4d2f64aaf767f805
- SHA256
  
  3dd068f1665554bddadbe32adcc540d5441de111b38dbb1eeac1c7551a282e71
- SHA512
  
  30bad8dbf9f2dddec25bba214207417387551e58cb7c17e239bc0f2718740892c66282e493887ec1b7b83c0ae43fc73bebb7faa7d5fb33efc649473b271154c1
- SSDEEP
  
  49152:mXFqPAUfFOb01ijjTrBQIaGKxNOgp3NXBjYl:m2e01C9aGKxNB9XBjYl
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
- Queries information about active data network
  discovery
- Queries information about the current Wi-Fi connection
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  discovery
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact

© 2018-2024

Terms | Privacy