Analysis
max time kernel: 14s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240221-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system
submitted: 28-04-2024 00:09
Static task: static1
Behavioral task: behavioral1
  Sample: 03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
  Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
  Sample: 03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
  Resource: android-x64-20240221-en
Behavioral task: behavioral3
  Sample: 03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
  Resource: android-x64-arm64-20240221-en
General
Target: 03f138980d666f1c8a915978c1432497_JaffaCakes118.apk
Size: 455KB
MD5: 03f138980d666f1c8a915978c1432497
SHA1: 6303b9ea8f7cdab5d99d631aee585e39db0e6661
SHA256: 48b2f3b117cad1ba76ee0d8cb04db6418e84c20be1ec3411dc01633c0e360fed
SHA512: b4d86c55fd22d1939d22f2ea15d2b92a372aba600e186be8114997162d8ea0a2de60276ac3c3578bca87e6368d552dd1b6c9e18ada8b05e726034c8cba3ea532
SSDEEP: 6144:8KxjvU5o4muUy+NII+d9FxnL9GvWqaMx+/sYCi0qvfH/0bQOg0aU9u27X6kC9Yt2:9Ph6Fu9L8pN/Gg+9u2AKMzN
Signatures
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes: com.yxhoandw.rtkwext
    ioc: /data/user/0/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar
    pid: 4448
    process: com.yxhoandw.rtkwext
Queries the phone number (MSISDN for GSM devices) (1 TTPs)
Tries to add a device administrator. (2 TTPs, 1 IoCs)
Reads information about phone network operator. (1 TTPs)
Downloads
/data/user/0/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar (Filesize: 379KB)
/data/user/0/com.yxhoandw.rtkwext/app_khgegsx/eywvxam.jar (Filesize: 906KB)
/data/user/0/com.yxhoandw.rtkwext/databases/a (Filesize: 24KB)
/data/user/0/com.yxhoandw.rtkwext/databases/a-journal (Filesize: 512B)
/data/user/0/com.yxhoandw.rtkwext/databases/a-journal (Filesize: 8KB)
/data/user/0/com.yxhoandw.rtkwext/databases/a-journal (Filesize: 8KB)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd (Filesize: 16KB)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd (Filesize: 16KB)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal (Filesize: 8KB)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal (Filesize: 8KB)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal (Filesize: 512B)
/data/user/0/com.yxhoandw.rtkwext/databases/sdffsfdsfdsfsd-journal (Filesize: 8KB)