Analysis
- max time kernel: 147s
- max time network: 155s
- platform: android_x64
- resource: android-x64-20240221-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
- submitted: 30-04-2024 23:03
Static task
static1
Behavioral task
behavioral1
Sample
0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
-
Size
463KB
-
MD5
0a9c2b27370ca332513f9630a1a5847a
-
SHA1
9a034bbe00b7a7e57c3ad719f3a539f8cee20dfe
-
SHA256
4a7e8cf62827d7212eb5dca53de54680e93a5e8394e5ae6c3f33a502d90f9c6a
-
SHA512
caaaac81dd0de48116a9900a2832b1b98178ac5aad17ceea717772c18304b9265ded69a4d481369121412ac14d1a4ad3905f87a7f6038d3f4d635f5420b3db87
-
SSDEEP
12288:hWSnB65djQU5AO51rF4kOJyqkTNNIt4eFUm3RVns:9BOQN0rF4TyqqvaHUmBJs
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
Processes: com.googleplay.service.provider.v5617
ioc: /data/user/0/com.googleplay.service.provider.v5617/files/200/1001/240430230404438.apk, pid: 5026, process: com.googleplay.service.provider.v5617
ioc: /data/user/0/com.googleplay.service.provider.v5617/files/100/1001/240430230411909.apk, pid: 5026, process: com.googleplay.service.provider.v5617
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.googleplay.service.provider.v5617
description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: com.googleplay.service.provider.v5617
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: com.googleplay.service.provider.v5617
description: Framework service call, ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone, process: com.googleplay.service.provider.v5617
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.googleplay.service.provider.v5617
description: Framework service call, ioc: android.app.IActivityManager.registerReceiver, process: com.googleplay.service.provider.v5617
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes: com.googleplay.service.provider.v5617
description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.googleplay.service.provider.v5617
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.googleplay.service.provider.v5617
description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: com.googleplay.service.provider.v5617
Processes
-
com.googleplay.service.provider.v5617
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/com.googleplay.service.provider.v5617/databases/bdownloaders.db
Filesize: 16KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 512B
-
/data/data/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 8KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 8KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bugly_db_
Filesize: 32KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 512B
-
/data/data/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/data/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/data/com.googleplay.service.provider.v5617/files/100/1001/10011.data
Filesize: 86KB
-
/data/data/com.googleplay.service.provider.v5617/files/200/1001/110011.data
Filesize: 183KB
-
/data/data/com.googleplay.service.provider.v5617/files/native_service
Filesize: 13KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/100/1001/240430230411909.apk
Filesize: 186KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/200/1001/240430230404438.apk
Filesize: 374KB