Analysis
- max time kernel: 35s
- max time network: 155s
- platform: android_x64
- resource: android-x64-20240221-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
- submitted: 29-04-2024 17:35
Behavioral task
behavioral1
Sample
083bcf6cc2423759d4a5a19134951db5_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
083bcf6cc2423759d4a5a19134951db5_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
083bcf6cc2423759d4a5a19134951db5_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
General
- Target: 083bcf6cc2423759d4a5a19134951db5_JaffaCakes118.apk
- Size: 153KB
- MD5: 083bcf6cc2423759d4a5a19134951db5
- SHA1: e501dd76dfa1b52127098b2f112f5ece0fcb0333
- SHA256: 6dec771fda42e1a635f5c62146f8ff4b525064045145c247f274c7f6cf978ef5
- SHA512: b34c5b68a2a332a239355bd48639f5816c13c0cf6bacbdce7e2ea58308e4deae2cc21d26db60ea6f917aace8c4247050bd4392cf8cb14076fe073415639162af
- SSDEEP: 3072:eeLC5ijkZ+z1njpzYxQ1WlAmmtviQkxcYGh0SMWeai2dqyKK4Eg:RnkaNyxCqAmmgFxcBh0RDv2Lg
Malware Config
Signatures
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information, which can indicate whether the system is an emulator.
Processes: mfservice.in.mfservice
- description: File opened for read
- ioc: /proc/cpuinfo
- process: mfservice.in.mfservice

Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Processes: mfservice.in.mfservice
- description: File opened for read
- ioc: /proc/meminfo
- process: mfservice.in.mfservice

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: mfservice.in.mfservice
- description: Framework service call
- ioc: android.content.IClipboard.addPrimaryClipChangedListener
- process: mfservice.in.mfservice

Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: mfservice.in.mfservice
- description: Framework service call
- ioc: android.net.wifi.IWifiManager.getConnectionInfo
- process: mfservice.in.mfservice

Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: mfservice.in.mfservice
- description: Framework service call
- ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
- process: mfservice.in.mfservice

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: mfservice.in.mfservice
- description: Framework service call
- ioc: android.app.IActivityManager.registerReceiver
- process: mfservice.in.mfservice
Processes
mfservice.in.mfservice (PID: 5085)
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)