Analysis
- max time kernel: 138s
- max time network: 160s
- platform: android_x64
- resource: android-x64-arm64-20240221-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240221-en, locale:en-us, os:android-11-x64, system
- submitted: 30-04-2024 23:03
Static task: static1
Behavioral task: behavioral1
- Sample: 0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
- Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
- Sample: 0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
- Resource: android-x64-20240221-en
Behavioral task: behavioral3
- Sample: 0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
- Resource: android-x64-arm64-20240221-en
General
- Target: 0a9c2b27370ca332513f9630a1a5847a_JaffaCakes118.apk
- Size: 463KB
- MD5: 0a9c2b27370ca332513f9630a1a5847a
- SHA1: 9a034bbe00b7a7e57c3ad719f3a539f8cee20dfe
- SHA256: 4a7e8cf62827d7212eb5dca53de54680e93a5e8394e5ae6c3f33a502d90f9c6a
- SHA512: caaaac81dd0de48116a9900a2832b1b98178ac5aad17ceea717772c18304b9265ded69a4d481369121412ac14d1a4ad3905f87a7f6038d3f4d635f5420b3db87
- SSDEEP: 12288:hWSnB65djQU5AO51rF4kOJyqkTNNIt4eFUm3RVns:9BOQN0rF4TyqqvaHUmBJs
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicates if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.googleplay.service.provider.v5617
ioc: /data/user/0/com.googleplay.service.provider.v5617/files/200/1001/240430230406552.apk, pid: 4373, process: com.googleplay.service.provider.v5617
ioc: /data/user/0/com.googleplay.service.provider.v5617/files/100/1001/240430230411526.apk, pid: 4373, process: com.googleplay.service.provider.v5617
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.googleplay.service.provider.v5617
description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: com.googleplay.service.provider.v5617
-
Tries to add a device administrator. 2 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes:
com.googleplay.service.provider.v5617
description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.googleplay.service.provider.v5617
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.googleplay.service.provider.v5617
description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: com.googleplay.service.provider.v5617
Processes
-
com.googleplay.service.provider.v5617
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Tries to add a device administrator.
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Downloads
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bdownloaders.db
Filesize: 16KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 512B
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 8KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bdownloaders.db-journal
Filesize: 8KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bugly_db_
Filesize: 32KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 512B
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/user/0/com.googleplay.service.provider.v5617/databases/bugly_db_-journal
Filesize: 8KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/100/1001/10011.data
Filesize: 86KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/100/1001/240430230411526.apk
Filesize: 186KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/200/1001/110011.data
Filesize: 183KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/200/1001/240430230406552.apk
Filesize: 374KB
-
/data/user/0/com.googleplay.service.provider.v5617/files/native_service
Filesize: 13KB