Analysis
- max time kernel: 3s
- max time network: 140s
- platform: android_x64
- resource: android-x64-20240221-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
- submitted: 26-04-2024 18:05
Static task
- static1
Behavioral task
- behavioral1
  Sample: 015a3c2358706069caafdddb612a0585_JaffaCakes118.apk
  Resource: android-x86-arm-20240221-en
Behavioral task
- behavioral2
  Sample: 015a3c2358706069caafdddb612a0585_JaffaCakes118.apk
  Resource: android-x64-20240221-en
Behavioral task
- behavioral3
  Sample: 015a3c2358706069caafdddb612a0585_JaffaCakes118.apk
  Resource: android-x64-arm64-20240221-en
General
- Target: 015a3c2358706069caafdddb612a0585_JaffaCakes118.apk
- Size: 2.6MB
- MD5: 015a3c2358706069caafdddb612a0585
- SHA1: efd4cc56a19cf7e403495a43cebc286a29531c7e
- SHA256: d486f778a0b677bcd70ea3f6ed99356e4f03d674a6bced28c9728fa625b88db3
- SHA512: a892776600e643754cb1fd21432868cba76676b962c1b1cb7f3767c0d24113445d3b191d008c05347db3c66af3759d6a127516165ac30e51322d53453940b11a
- SSDEEP: 49152:ga3Ei2Lnu2S9xphxvrymYbIelwvCjhUctRs3wZEqU7Tk5TC52QlLb9E9kNyK1g:138u2SkmYll9YqUTk5TC5p3E9kNc
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicate if the system is an emulator.
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.yxxinglin.xzid73248
    description: Framework service call
    ioc: android.app.IActivityManager.getRunningAppProcesses
    process: com.yxxinglin.xzid73248
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.yxxinglin.xzid73248
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: com.yxxinglin.xzid73248
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: com.yxxinglin.xzid73248
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getScanResults
    process: com.yxxinglin.xzid73248
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.yxxinglin.xzid73248
    description: Framework service call
    ioc: android.app.IActivityManager.registerReceiver
    process: com.yxxinglin.xzid73248
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: com.yxxinglin.xzid73248
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: com.yxxinglin.xzid73248
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  Processes: com.yxxinglin.xzid73248
    description: Framework API call
    ioc: android.hardware.SensorManager.registerListener
    process: com.yxxinglin.xzid73248
Processes
- com.yxxinglin.xzid73248
  - Checks CPU information
  - Queries information about running processes on the device
  - Queries information about the current Wi-Fi connection
  - Queries information about the current nearby Wi-Fi networks
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available
  - Listens for changes in the sensor environment (might be used to detect emulation)