Analysis
-
max time kernel
130s -
max time network
159s -
platform
android_x86 -
resource
android-x86-arm-20240221-en -
resource tags
-
submitted
26-04-2024 18:52
General
-
Target
016e642fcf37f972e2dead6ceecdfd07_JaffaCakes118.apk
-
Size
31.1MB
-
MD5
016e642fcf37f972e2dead6ceecdfd07
-
SHA1
749a504fbdc2f19c35eb4b6ff03e8a76b2ab65d5
-
SHA256
a2bc27b5f168e407d3160d14ba986d38f7263eebfcc5f153da64e133e6017822
-
SHA512
f95319a6821cdb19732753915cc51ed76bb922289d86118b44c974758bb2f81ce975eb843ce078e84f2e80d89b17a9283dc8cbfb073e544b825fc8b17b7e9ad2
-
SSDEEP
393216:G0KQZipX7f/KWOlRSjrgLVpqAAaUgSvzR0a41c8aV9/XlUZRzNH8HAG4oGL+UrfK:GaZgqWy3VEAAaU1z8KgzNkAztiUdwNIK
Malware Config
Signatures
-
Requests cell location 1 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.sohu.inputmethod.sogou1⤵
- Requests cell location
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
25KB
MD55478fde52029187d5d905509ce6c1993
SHA1e58ecac8f295029d8b2db5e45109cbe5981f8d49
SHA2564718b3e9617355ef53948fe8d7599019e5fc7378c077a9881ca9a8c9efc098b8
SHA512ebac3d120708831b3b31db43cb628ffb3ead81ba84bffd5de96ceb62b8a157a0966505bc2d01cf4fe0e2b683b952abe1679a2dece5197f4ed3a58cb05e4c8f3f