Analysis
- max time kernel: 150s
- max time network: 139s
- platform: android_x86
- resource: android-x86-arm-20240221-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
- submitted: 27-04-2024 08:58
Static task: static1

Behavioral task: behavioral1
Sample: 02e231f85558f37da6802142440736f6_JaffaCakes118.apk
Resource: android-x86-arm-20240221-en

Behavioral task: behavioral2
Sample: 02e231f85558f37da6802142440736f6_JaffaCakes118.apk
Resource: android-x64-20240221-en

Behavioral task: behavioral3
Sample: 02e231f85558f37da6802142440736f6_JaffaCakes118.apk
Resource: android-x64-arm64-20240221-en
General
- Target: 02e231f85558f37da6802142440736f6_JaffaCakes118.apk
- Size: 805KB
- MD5: 02e231f85558f37da6802142440736f6
- SHA1: f79d044fc0530484ddd092a961d58146049ed368
- SHA256: 9d767c41599325ccd0643d6f432b9075775a85c60df176a845605715be230263
- SHA512: 2f796e5440587a88a0f448e6c92c9961513963a116c1f829d17c8d6d75e7df4c1ad14f1d108e2a5362f82ee70fa3366a83a359403830a5a5be30b8908f61d84d
- SSDEEP: 12288:1ZhvlM2/04y+2vtiqvtisvti9vtiYvtivvtiacIoIeyQ0OqnV9xJKcQaVGbnAh/W:vhdwXzcIoIdrrKZAh/R8S8
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicates if the system is an emulator.
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information which indicates if the system is an emulator.
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: krep.itmtd.ywtjexf
  description: Framework service call
  ioc: android.app.IActivityManager.getRunningAppProcesses
  process: krep.itmtd.ywtjexf
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: krep.itmtd.ywtjexf
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: krep.itmtd.ywtjexf
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: krep.itmtd.ywtjexf
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: krep.itmtd.ywtjexf
- Tries to add a device administrator. (2 TTPs, 1 IoCs)