Analysis
-
max time kernel
3s -
max time network
155s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
-
submitted
30/04/2024, 03:36
General
-
Target
08ef503db8c99962453679dd99eb0062_JaffaCakes118.apk
-
Size
19.4MB
-
MD5
08ef503db8c99962453679dd99eb0062
-
SHA1
87adb3f5e47337ebcff97b8a932a33031c3e96da
-
SHA256
a012d6597b9d5aecbfdb6f9f703af68f5bd10dc2e124c703c1aef30782097398
-
SHA512
0671dce241601fc9841e8d0973b0c41378316dc20b98ab91683ac61392d461929dbf1b592909313ac025b309ca759096da1ba93a4448137077395aac9f56a322
-
SSDEEP
393216:4GDLY0FG79Zu+r4uv6McMG+QS/wGf81WILDIkfE3MWVak/XqNqF0x:bLXFG7H7vaMn+3PIkfYZak/XqNqF0x
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
Processes
-
com.sohu.newsclient1⤵
- Checks CPU information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD595b556d27272769e1fed513dfb27f181
SHA1d9c4c138acdc7f9c41f51604b4e44c5a48bd68f8
SHA256ac7e3b8dfdfc35ddd03e44964abffff860115fc962fbb21e6c862d59d5bda837
SHA512ac1967d6b38c5e6285ef2edc52af8361f9ada50311ec4cbe1ff86a047c3ab1a91be7e179adbc9bade3b6dcc457a812996e083b85a1a0c9d705468c9ce47a9a2d
-
Filesize
12KB
MD5ea628e04765adaf4238a5dcdff4bbd51
SHA1a801947619ea8c368efe9c006a324dc6339ac60b
SHA256885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4
SHA512c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe
-
Filesize
8KB
MD506e3517f65cc78e8c1ec425492e17753
SHA193f107df1b71dec79b24cbac4b9fc323bd9dd0cc
SHA25621909862f04e1ebab55cc01052102cedc4ed34bb199911997b1e8470760656cf
SHA51222d76fc4f589d76ea59632b0476ad4e45196818ad5a35a779743d12214986a8587fd83c41239c42c0359836eb89b1c5bf9bea33ec79307b1a98822a5930eb022
-
Filesize
512B
MD57859ed324aa70400fb6c916d48f66552
SHA11dccff026c21e19d050ae3251ea651cb351b0900
SHA2568b6177f83ef8e8bf54e1687900394667321af50aefbe644add2c48ae82ab3be5
SHA512592302b6685caee3a43141cedb69bc5db3f6619826a599d2745777cee9a4c04804f59a5f236e547cb1bbf326de3c7b8e1d562442572a9c48d91ad603d5dc1028
-
Filesize
8KB
MD594859bb55fd8efe0725945270f0ea608
SHA155decac25b121d414257229852d42c21c7c288d9
SHA256c0c3cf0854b3aff0d43e5802f01b7d07d586eacedc37dccc46b5361493a31d74
SHA51261251f5890dca8fd4cd8a4f2e736115b3d648adf8a4ae7f3e5daaf36d40a51573007d51081652ad8f1eeb284966c949ea9e75f404c386988a3b0a536feadb579
-
Filesize
24KB
MD5e9e0f07463e821295f7baeb8151600bf
SHA1f265c4efdd2c1146eab3e0b938ec45e935c06a0b
SHA2565708968acfd6e0a041905b197ffbfcbb35151739a0dd48d6e65acdc56cbae18b
SHA5126ebde6c615878ce3f3825eea26475fb69db8dc37f8dee9180366bab753684b3cce5324cca0eeb7593b4e6ae86b1fa81aabce504d30ae0fb1cb590ce496d76f00
-
Filesize
8KB
MD5bac859d7368640ffc04b9ca2f6eef00d
SHA19492eca15def00129a7255996a6bd7efe50ef0e7
SHA25683bacac2bcacd0f67c26b52e2a8a2e1ba7e6f5e68d164e19ad0a128f3d4fca08
SHA5129c41e37319fe43d50a5d2d96a3225ee1234885506071a896803c0f230f9623e4d4c5b79fbae58f695ebc8807c97fd406e75fce29d07a32d5097fa7f53181802f
-
Filesize
512B
MD5c78cb8141e37e5a2f1685635f290bf8e
SHA167c99448fdfd1646b2904634051b4c957d55dd96
SHA25695cfb8df2680671d7535d7e4da88f9972b29afa7ac777da16e54e78aa20e231a
SHA512e033e60df4ca703c2b8b73eddaf1f864e1642d6cdacf1688881b482e0f74883072fd2a7d739bc6d0f01c914b87d92478dd0e5e4717c45675236622d8bbde2be7
-
Filesize
8KB
MD5f734aa58d71695822e1a306baf36ba83
SHA1876a5085b42657e750459297d4273ea0b8009742
SHA256145464ff3fa4f04f236a74e408303337233f7e2a4cf174b908f56d6365e80359
SHA51235bcd5a6fe81175dc0ae688192eecf3c2f73555393b44505424e103e52449746d9054d4ba936937ca3602fb9c3f74fad93cf48ff0ec531fb38f820dba0f95e52
-
Filesize
1KB
MD5ecb764f96fcb793851395278642b309a
SHA161d4de2052ff30d8c65627f518f1cae3e0030141
SHA256093a36f5fef19d91a4e8846a64042a7e27d36e9381b48cb0028883a471ba6ac3
SHA512d632d835ecdbf1f96ffaf5e16f1714f5c966368d6101f391b9397865a110e59a7b10e626428b86fe9f08be689bca3f1a011bb7d5c5d16d12e75f66302babb28c