Analysis
-
max time kernel
149s -
max time network
155s -
platform
android_x64 -
resource
android-x64-20240221-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240221-en locale:en-us os:android-10-x64 system -
submitted
01-05-2024 06:21
Static task
static1
Behavioral task
behavioral1
Sample
0b40572ec3101092523baafd48156f19_JaffaCakes118.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
0b40572ec3101092523baafd48156f19_JaffaCakes118.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
0b40572ec3101092523baafd48156f19_JaffaCakes118.apk
Resource
android-x64-arm64-20240221-en
General
-
Target
0b40572ec3101092523baafd48156f19_JaffaCakes118.apk
-
Size
42KB
-
MD5
0b40572ec3101092523baafd48156f19
-
SHA1
504f95c1819f05c3d2627f432820a90b71623723
-
SHA256
3d46416a52107a0a5474a4e326c9893b7970f986d98d2481acbdac9cdb7552e6
-
SHA512
158421b6ebd164050d81a962b441bf20ca3368e19de888ff0c296e0702f2e1b5ceb1c7b4ed2427bc6d601b11e8470f2d0a10e17b84eac212964fc9ba2eddf7c7
-
SSDEEP
768:cAnRAe1QmbIhnK+985WM4SsyDnDqCZQEQGMyd/hKnOSA+77NAGP3O:cQzKUWSx2EQE5Vd/hOJAGP3O
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information that indicates whether the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
pob.xyz
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: pob.xyz
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
pob.xyz
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: pob.xyz
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/pob.xyz/databases/sms
Filesize
28KB
-
/data/data/pob.xyz/databases/sms-journal
Filesize
512B
-
/data/data/pob.xyz/databases/sms-journal
Filesize
8KB
-
/data/data/pob.xyz/databases/sms-journal
Filesize
8KB