Analysis
-
max time kernel
117s
-
max time network
130s
-
platform
android_x86
-
resource
android-x86-arm-20240506-en
-
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240506-en locale:en-us os:android-9-x86 system
-
submitted
09-05-2024 02:18
Static task
static1
Behavioral task
behavioral1
Sample
27d205ef717562d9df6ef2768b40e20b_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
27d205ef717562d9df6ef2768b40e20b_JaffaCakes118.apk
Resource
android-x64-20240506-en
General
-
Target
27d205ef717562d9df6ef2768b40e20b_JaffaCakes118.apk
-
Size
138KB
-
MD5
27d205ef717562d9df6ef2768b40e20b
-
SHA1
d6ce355ab93b0bbf8e92c6d77d6b9385ba292a9d
-
SHA256
b5f9a2b92bccb21d7cdd0d81c3d5b4a63ad04775e288218f1a8e5a79ed54025d
-
SHA512
d9d55018e7db43a00f875042e04bc68c45fac0ed4dff5819a00c52ec6190c1a69db69c0a3ea5ac1c9d048e4693ea07acec6e4fb63916b7f10ba5727ade1c7955
-
SSDEEP
3072:eSaj4GNr1iZ0bhw2DL+1Mp8RCGGOG+03JABygpagEqs6X:LGie62DqeUQx3UfE56X
Malware Config
Signatures
-
Requests changing the default SMS application. 2 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
zzzzzz.xxxxxx.cccccc
description
Framework service call
ioc
com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process
zzzzzz.xxxxxx.cccccc
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Tries to add a device administrator. 2 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/zzzzzz.xxxxxx.cccccc/files/INSTALLATION
Filesize
36B
MD5
6016e4355476b1140c1fd2682894fa73
SHA1
0d5c968f68c9a95cbcac94cbc3e8b630000266a2
SHA256
0f2f2fdcf64cee88db9adddff299c8e21c5294aac7a00280b385dbfd2b38d5e1
SHA512
786b5399f2f3fb79f94064434bb521fb18896c7902365b3768a21159b30a61c057407a7aa743d8976279c2f1bda72245c0e522f24f990972b198a0c3519d7319
-
/storage/emulated/0/help.txt
Filesize
9B
MD5
73329564760013a7824ff9d5d1af91ff
SHA1
85841abddb12dc3591a5990c6527df65a5e63c87
SHA256
a51a6c19a1ffc7416827e89adf20749d23ad42452c396cf7e627409f2896922c
SHA512
344b1271efcc084b24e4e75223f1a900ec127c1e979aeab32bfed887712388a7ceeb8bd9e70d5c1721ac6dd1e64d640ec973f9ef16d6f0f85e6870e53edab00a