Analysis
max time kernel: 149s
max time network: 139s
platform: android_x86
resource: android-x86-arm-20240221-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
submitted: 27-04-2024 08:57
Static task: static1
Behavioral task: behavioral1
Sample: 02e1301e6052cc378cc17bbc293c9987_JaffaCakes118.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: 02e1301e6052cc378cc17bbc293c9987_JaffaCakes118.apk
Resource: android-x64-20240221-en
Behavioral task: behavioral3
Sample: 02e1301e6052cc378cc17bbc293c9987_JaffaCakes118.apk
Resource: android-x64-arm64-20240221-en
General
Target: 02e1301e6052cc378cc17bbc293c9987_JaffaCakes118.apk
Size: 125KB
MD5: 02e1301e6052cc378cc17bbc293c9987
SHA1: 951da213302fdce41302827033984e10aa0e6a18
SHA256: efa196246d3a9916303620bfef0154b52816de9e100343b6a1da20f75673d30a
SHA512: f3e1aadfabb4cc83061244c6658b85523386458477e8d96c3aaaa0d600a27d87ea8fef2472528b8388c6abde0a9b8cdccf939c8fddfb396d67725fa860ea09c7
SSDEEP: 1536:rM/47mKmo7VeX41S81GwdkHrR2Kj7EnNDK0QvVT3UndNLWPMVwCoi3o:I/DogY1dkV2Ksns0QB3gTxoi3o
Malware Config
Signatures
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes:
com.rezina.serviceupdate
description: Framework service call
ioc: android.app.IActivityManager.getRunningAppProcesses
process: com.rezina.serviceupdate
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.rezina.serviceupdate
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.rezina.serviceupdate
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.rezina.serviceupdate
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.rezina.serviceupdate
Tries to add a device administrator. 2 TTPs 1 IoCs
Acquires the wake lock 1 IoCs
Processes:
com.rezina.serviceupdate
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
process: com.rezina.serviceupdate
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes:
com.rezina.serviceupdate
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.rezina.serviceupdate
Reads information about phone network operator. 1 TTPs
Processes
com.rezina.serviceupdate
- Removes its main activity from the application launcher
- Checks memory information
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Tries to add a device administrator.
- Acquires the wake lock
- Checks if the internet connection is available