Analysis
-
max time kernel
154s -
max time network
164s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
-
submitted
28/04/2024, 07:56
General
-
Target
04b8f915129ef3c81d7e9c89ca418234_JaffaCakes118.apk
-
Size
6.4MB
-
MD5
04b8f915129ef3c81d7e9c89ca418234
-
SHA1
c533862cc1fb7feb48c267b4b2b97a4bf519f313
-
SHA256
1fbc975f7c8fd79f23a37c9815a152c79b13d211a138c5bc31527e1f7e663d8a
-
SHA512
6aa848d5da7c69c4987889b2f51032e2eca93045a02aca561bfdd4f9f033a6225e5224aa97227bbbeb9f44326e0c7699fa1bb9eae2542ae8a8355062d3adc748
-
SSDEEP
98304:e/t36ejyH/zkLVUIKT4E/uZIjC9pCS50rOlgXJIe5U3q1QDH6StAahQKBqiiJxWI:+tR4OU5bSiKUjJcwZ5Rkgvga168
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
imoblife.toolbox.full1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
imoblife.toolbox.full:service1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
9KB
MD5e8e0527a01aefdb89afd2c508f131da1
SHA1f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34
-
Filesize
148B
MD5a3b78d197d786c13687c3f0f89703bd8
SHA19967f0726b6b1ed3f198904547b81920f8329621
SHA256c5e6754556dbe01b055066f23c28ddaaf5fe67cee4baed00d59dc993335b3d97
SHA5129a47c9bb977edec9d29d22f280e0078ca931a722eaecc2b085c6b5aaf6246d17a6ad07c9faca45070bb5b89a3ee6cf896f5e2c7e73fb033e3ac57471df70a8b1
-
Filesize
7KB
MD59ff8c188da9ef3b50292e91cf2b42370
SHA1b530beedd449f5c21976e7cd9fd292f2cd6cd72b
SHA256151274cb85da90356b1c856e993dfe48a8977cf0884a723a521ba7a81cbb48eb
SHA512429148d1fb0ac48baccd182e7261b7211a99be1dd2d45921537a020824ec1c37af7b27622061b4cf510db7861593f76f26fc8fe1731df1edbe5034c00d08c263
-
Filesize
8KB
MD531b2408dc5acda15b44b96229bfcbdcd
SHA1a061cb975b5ca553762dfe33dc2cc80da1736464
SHA256532581b02c49287460aba535ff70ffec9fcb4e04085294d53ca1586943cbaf4d
SHA5122744f736212b06dd865b16ac49fbe0f42dd189ee31d6bf926f99cdaf2e681e6b002407a0de768a69e7ce9487402962a210de945182f1d922c06244a9c341a06b
-
Filesize
7KB
MD5c4769c87f9e330dd38ff30ef736e99fb
SHA11afb08370ecc6109e32fc5b5b629a28772289dd3
SHA2565eb8d0b4de2395f95b2f9d53dc187a0895fe28d541d2ffd6fd46915d280e08b1
SHA51264787f5ccca78dcf2e8ace84318bac8f3b3087b59efc036b403ae3d32389d6b04246162bbebdacdc94dac973fbe79204881040ce4160950ee0748f1c05a4b7a7
-
Filesize
1KB
MD56d63752e4d80506f298d3e8297d71284
SHA13edae133189d02d7b87303b72af367d475caae85
SHA256822886bf68642afffae649fe6fc6c0536a0f6254e6c709f50586085fc412f674
SHA512d78aaa0a4ff2783cc77bf7cf7596f7765b1c531fbbda31c87bcadbb8660a80e6dcd698954bad8b567be61470d5e3898904a7de7f26c92b697bf7f4670ec33f30
-
Filesize
212B
MD5a2d52fb19c4e1f7df86d4da00b3e6c13
SHA1fca704a9a4954c4d9318a90cd8e308c1ba927be1
SHA2563d2848735dbac5e61db160f3ee2a882177636526acf71ae3d910a348b3c70d37
SHA5124c7df4fb0e40ece97c908416f0e09d5c1e5cac27a243115261024f25bd13ef152941a60ff5cbf443e67c6cb6293d9dc867b6ce80a60d6b1d364a2e803a522686
-
Filesize
36B
MD537e8e716e0e2f4a0b05cd9571d95b84d
SHA1f8d068f6931707bddb8cd69f706f2224ad1fea3c
SHA2567080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca
SHA512e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6
-
Filesize
20KB
MD59fd643c025976ff2e2f89246754548e2
SHA11b389cbff36e6fca69afdc225d4125667b0d394a
SHA25678a4a5d1d7d4310cb38b970c3de6853347f0043ebe38f3e17a6a0bbf2c0dca4f
SHA51249dcedcc08fc7b21d8a6c0c51c369151e9cc58b6db6d495116fe72b2c9d3fd61b7588d60f462e61da764082541680d2bf83bc3a75e9c5ac53e00709f090a7f85
-
Filesize
20KB
MD528ed5006524549cb016bf82efa7b96b5
SHA11c754b9a769ba8f94efadb45d4d2d0e8c95e5992
SHA256b04712f8baab036b3590ad50eef933fa48537dc8f25cf40722a7ed6f3267d75c
SHA51201a0a0bf6b6dcf453984d72c9291a0ccea00732996199a7e64863cd67dd84f3960c0cad526590db02a7cfea16b0e2c3049762551bdff79e2acfc20f6faa1d90f
-
Filesize
20KB
MD50813931161bf76039d8e11341ba929de
SHA1156ab4c0a8ff895c5725b2d801d78b27fbbbc927
SHA2561950be590f8b525099bef1d85f7a4c908538deb2a37e3e4b7a39fe6596b19c6d
SHA51279d7c90371504aee6b55ed977f9c65a5eaa310b5e29368f3dfd0dec17069d10e28976ecce686a90d367339824197bf8c9c3c7cea6e774f1ff05be392dea621a4
-
Filesize
8KB
MD5b2e11a9afc1932040b26702099d03a93
SHA14690e8a16b8eecef5042542bd7ccac5c38fa1a83
SHA2563a37284f1b7c61cdc93df9b861239624914da9e6f4fb8ad76e5a0a6fe1e2d1bc
SHA512240d0376501229715bb9f034fcd19b8832d0c3d50822de6ad3c0dcb87ab18c0846e161070d798173acee3e66799e3751f33c4975e90b0d90afcff69fe75d4d9b
-
Filesize
12KB
MD5ac1282d912584a979ec11d42113ac588
SHA1c10109b4571e21d0303549aeefe9b096e78c4ed9
SHA256546497fb570e45ae3efd0904ae245c4f0e630fd8f6e119d0b05f85cb9a078e51
SHA5123f0c808c1418a1a09f8858b543b89dfc7dd4bcdced3e74e41c8e31a7d495e7042501bc6e570456051de085bf8301937053717679d0883a5cf1001261a330565a
-
Filesize
12KB
MD52fe2e4c1a3df310b4e92ca509148da81
SHA16e7cca89cdf56a95a1e2c94dd460cfec5dc8992a
SHA25639ae6554df720adbad0e44940bc2851b8d7a76e81613b6d7919112b87f0f2610
SHA512896204f3663b262d9faba86535c9011a59dad98a1bc44ec03ed824520666e1876e048801f7bc42ea9ebca720921475c8b6a38128f486bc46e9403b6b3ad8849c
-
Filesize
512B
MD5c8db3de3eb5cba5a6544c1d1a9a77581
SHA14ae1333a419db8dc052020850a99af14e42071e4
SHA2564d7f704ec838ea00ef2d4d836b86bfd8ea22c05ac3f1ae95dd70cf9dfb3cfd21
SHA512a6b992ae8b133643fe9953665990871c5eb57561d06aef8d47a15088c0e1929870db9470ab0b1c3e23f0c94144e57cb17044e2f07d5b7cef441e853135050aed
-
Filesize
8KB
MD5b89eac3adb2a5a8560db40767ce823f8
SHA160371933c77399180772872e1639228283892acf
SHA256a1c6645071363cbbbb2f685e3bd9d391fd0549ac068692949ee52be3b9bc5b75
SHA512aa492a440fcf4fcd9f057fcb2873a3a85377d9568ec301c8fd8cb458ba94de3e3a7e68fb6eafb74cd5bdd94d92227a284a53322d6406485a4939656aedd70746
-
Filesize
8KB
MD5aada25e09ea8ef79d17f73b875df6447
SHA12172e8d9bb4e1c471f738896a323aecda88e7f14
SHA2568fb8c69e86958f0d00209dffce9049632a25b0882aac9e712a046f578add95cb
SHA5123f7bb1d9f56513c0efb5f836d538f496a1d480d882722fb03ced28a9c3913cb54645cf7cc56eead93ed695cce296b507df3db41b6928995761df1151755d508f
-
Filesize
36B
MD54442e4100fa55a762afd1f9cd89c4fef
SHA1814c30b046b5f5bb80dfbbf67d5d8f06cf95c6f8
SHA25672cc131384847c5d48e9806a762b8e32edb861f76ed1405e511d6e568a3fb9cc
SHA512cc438ca776b93fa08f5f1a4b25a380d849b4166c09c439f420191f51a00739abd14368f5aa2f53644f036dea0ad2b4693f9101efadf7feb1544ea6a441189365
-
Filesize
20KB
MD5fde2ee00cbd121cfab5290b078aa3ceb
SHA1e2b77d5320e155e413d040a8c20020962065b2f8
SHA2562897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56