Analysis
- max time kernel: 155s
- max time network: 132s
- platform: android_x64
- resource: android-33-x64-arm64-20240229-en
- resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240229-en, locale:en-us, os:android-13-x64, system
- submitted: 04-05-2024 09:45
Static task: static1
Behavioral task: behavioral1
- Sample: 12296f2dad04f985a4e8613680577401_JaffaCakes118.apk
- Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
- Sample: 12296f2dad04f985a4e8613680577401_JaffaCakes118.apk
- Resource: android-33-x64-arm64-20240229-en
General
- Target: 12296f2dad04f985a4e8613680577401_JaffaCakes118.apk
- Size: 9.2MB
- MD5: 12296f2dad04f985a4e8613680577401
- SHA1: 1fb6fd787e74fe67c780620c329cacc3cd49c620
- SHA256: d158a9505c196100b495278f98b2bb76f9128e4feda95276c2709d099f75da3f
- SHA512: 60f3b0531b336eaaacf14ad9e0da02dbb3e1317fa404ed7416679bbc5c532eae96b1dcf7526bcd04d0212a168b626022fae4b48ca10a3f707b2c3e1fd0c5b099
- SSDEEP: 196608:7+R6+zi0iOSS4pwTIJlkSch/Uvw2ph0MAg+GZ2EatP0SS8expiMwJE+4V:7OziwGYdSch/8H+GZCJLEpjzd
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicates if the system is an emulator.
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information which indicates if the system is an emulator.
- Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes: com.jkw.avrplayerpronbg.yelyup.avrplayerpro
    ioc: /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/app_app_apk/avrplayerpro.dat.jar
    pid: 4243
    process: com.jkw.avrplayerpronbg.yelyup.avrplayerpro
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Tries to add a device administrator. (2 TTPs, 1 IoCs)
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: com.jkw.avrplayerpronbg.yelyup.avrplayerpro
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: com.jkw.avrplayerpronbg.yelyup.avrplayerpro
Downloads
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/app_app_apk/avrplayerpro.dat.jar
  Filesize: 309KB
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/app_app_apk/avrplayerpro.dat.jar
  Filesize: 511KB
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.YFlurrySenderIndex.info.AnalyticsData_K69G95JC7T5MMWGF62XJ_228
  Filesize: 88B
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.YFlurrySenderIndex.info.AnalyticsMain
  Filesize: 72B
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurrydatasenderblock.06ca87a4-b1dd-41f9-904c-bd0edb7cbbb0
  Filesize: 310B
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
  Filesize: 334B
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
  Filesize: 329B
- /data/user/0/com.jkw.avrplayerpronbg.yelyup.avrplayerpro/files/.yflurryreport.731bb495fc32489f
  Filesize: 334B