Analysis
-
max time kernel
49s -
max time network
155s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system -
submitted
28-04-2024 00:09
Static task
static1
Behavioral task
behavioral1
Sample
03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
-
Size
455KB
-
MD5
03f138980d666f1c8a915978c1432497
-
SHA1
6303b9ea8f7cdab5d99d631aee585e39db0e6661
-
SHA256
48b2f3b117cad1ba76ee0d8cb04db6418e84c20be1ec3411dc01633c0e360fed
-
SHA512
b4d86c55fd22d1939d22f2ea15d2b92a372aba600e186be8114997162d8ea0a2de60276ac3c3578bca87e6368d552dd1b6c9e18ada8b05e726034c8cba3ea532
-
SSDEEP
6144:8KxjvU5o4muUy+NII+d9FxnL9GvWqaMx+/sYCi0qvfH/0bQOg0aU9u27X6kC9Yt2:9Ph6Fu9L8pN/Gg+9u2AKMzN
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.yxhoandw.rtkwext
ioc: /data/user/0/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar | pid: 5052 | process: com.yxhoandw.rtkwext
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar
Filesize: 379KB
MD5: 0cf390161e48fbd7f179aec30d5f458f
SHA1: 1e3e40a4c903e0261d216b4847565666eb823f85
SHA256: e9c140f302cae2ae048bb751cb8b3d624d9b1921e165822bbdc79a3521f270af
SHA512: 130a74a5ebe02596ec37dc30759fe35b83edcae426b264c11be83ca23e87da47887a29463f648b1c100de3a6794a2959a6d9b83cb2454766e4dc105e65731920
-
/data/data/com.yxhoandw.rtkwext/databases/a
Filesize: 24KB
MD5: c69ef7005c3f91851e4e6fbc49e01083
SHA1: ad90dfc9ee0a554d6698dcd1d5c057c2f585effe
SHA256: fcb8a9d175b007f341481140c4a4ca394656864a3938d8c0e15ccf18888aa776
SHA512: 7bf02687ffec137b03b6f646c0db6f9ad5feff73ec5fccfb903a37e0e59c3b9cd1211d8038506fc1abdef6e65eccd1ce6634d3d699f2d0fc636b31648a17716a
-
/data/data/com.yxhoandw.rtkwext/databases/a-journal
Filesize: 512B
MD5: 31efac112111d48a9a506b0f8f13ca9b
SHA1: 3216d0d34e3911b8313a798747df31ce1392f0dc
SHA256: 21a81970e19a213e06dbdd17bfef43788a443499f8c32b6ac9e5d13820e25880
SHA512: 98c429d5c3c5f98f8ef69f547920e8d0e2457da671995a1077b4a7a3d94e01fe88852be0d82cb3c754725db290932db45651b9949fec76884f9cb74f9a2a278a
-
/data/data/com.yxhoandw.rtkwext/databases/a-journal
Filesize: 8KB
MD5: 8da10d432a195cd6698804c0a9f7eaf8
SHA1: 879de96aa4663757ae2d11f917e027d9667cc789
SHA256: 50184f4cd98ae63ad96900c7a1d04fe2db79a51452e6f2fc0cfa75fca6bbee66
SHA512: 7958cc5534aa86d7ce1a5b6811a665f6334f7391d0efff42710c82e89bd02e2156d4447e568c547e7f5852b9edbc0eb810ca9815b6787b80be6a2fe220419291
-
/data/data/com.yxhoandw.rtkwext/databases/a-journal
Filesize: 8KB
MD5: 9f0f89cc2fd7fa26ef6b33cb91c82789
SHA1: 6ad81e06c83743efe3c9101e43403cc61d87954c
SHA256: 39188b838e9f40cd2127af3dab30f39a71ce36ad642fe8c929807d2441f8b40e
SHA512: e7ce567027d3ee32fc6aeec7cdfe89ba923dc3ab66b4e59c322b72ea2a80db2e636d5c6bb3506750d719d8367c6fccc37a93a7ad86c8eec9e42e98b4b572f32c
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd
Filesize: 16KB
MD5: 962c28f4e4a49663c855a87e3727ddb6
SHA1: 5a37949182c0ea257b9cccaca24ab8e68f2b0a1e
SHA256: 7b461271783c4be3d911038e385dc51d273c2dfdc05639cce6ca54ea6fbfa7d1
SHA512: a7afa17d83542aab0ed1cab09bc459009109cf5fb882850a953878f3b1b07ce91e23f8513004a9b4f437ac6170363680acd68c0fe53501902f81feccb5cb1043
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd
Filesize: 16KB
MD5: 005079797833d415d2da822fdfc21442
SHA1: 77d4200b43708a55501adfee8cb484e53955883e
SHA256: a71094954fcd138cba05c219221c6f18cfeb41dc91254fca2d34c49b2a5e4961
SHA512: bd6e3fad579cac1fe719fc40b2730b145cd12143d4c672150adb6030c9c355f487c6bf0c4c5f661077a3d7b91a52a6fb54e675777466e63f71ca50e8a9424dd7
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
MD5: e5a3061e0888b403d843bfe19a120bd6
SHA1: 68071aefc26b646029588c8e034da4cfa42f4197
SHA256: f81cee5c06d73afd8a4f305940f975256ea0d88570005216f91c9beaec874296
SHA512: acd82a97c6565d3ef44a265ef48237348d00320dc4037b1d01faea50a61ffb500931b76fd930a6a5db92fdafbfa12f740a459fbdaab1db85d8e2b8b6500c6268
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
MD5: 856660a9e6d276a816f3d94816a025e9
SHA1: 90fd022b7afc3aed7663909765fd3a257615325f
SHA256: c2e2d3cac43817815c26c6f4dbb933802012d72d3163c6d20749b854db304108
SHA512: c75d8cce634c3d03778bec6029c7145e67f59af0762093d2ef900862cd43fcd266c5414e201c2891ed515c9bd6b66541e3182be2220e90a7f3fb7eb2c113d2f9
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal
Filesize: 512B
MD5: a0008714b2cd75eedaf1a83fcc9c7284
SHA1: 2bebb3d28f23d85f71f769e1deeafc6ae652b8ee
SHA256: 6858d59fc9f0f69927226c9806e0bdd5da3f3db85b694523f34fdf2eb6220fc5
SHA512: b9872d59400b8745732003cc9acf5b8e55dce65dd6ed677c7ac0e577b22009974f79f565109d55dda42a47a5f61b0cb82358f72ace1deabb35a9d236137665ab
-
/data/data/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
MD5: 42539983e0bfdf802f59f9896f414248
SHA1: e28166095ba8357a39d702cd373efda7b9cd5ccf
SHA256: 2cbc9c375119d4d476efca5141c18b1286103429da06586576b5094549b231ec
SHA512: 6a4ecc1d852d4eac19a838ca0dac08da7e3f58a1a07f99e1854a20aaf3c5fd3b858b20f969d8230b1894f92a228fb7af05d3dabe00cc1a01fe668a96ffa23b2f
-
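/data/user/0/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar
Filesize: 906KB
MD5: dcffe5ea86d188e5b54b29b5516c3ced
SHA1: 58ceae1e00da5803f01eb76657e0f6017c65aeb9
SHA256: 5fcadb0f007273beb6fdbd28668b076441cbf12a4630b6fb4ff7daf0160fcece
SHA512: 4c8b35386f8ad401db49914b3bf2c12be9d6ccdc31223e736dbceea3b3b01a169f770fa051f15f40e7e8410d1bd936481f42b62ad2ad10541a2e77bdaa54b5eb
Note: on Android, /data/data/<package> normally resolves to /data/user/0/<package> for the primary user, so this is likely the same on-device location as the 379KB eywvxam.jar entry at the top of this list, captured in a different state. The size and hashes differ, so match on both sets of hashes.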