Analysis
-
max time kernel
19s -
max time network
150s -
platform
android_x64 -
resource
android-x64-20240506-en -
resource tags
-
submitted
11/05/2024, 11:01
General
-
Target
3442187f6aa504c99675101c0e0a70c6_JaffaCakes118.apk
-
Size
2.9MB
-
MD5
3442187f6aa504c99675101c0e0a70c6
-
SHA1
b4a940a942003b428a82c5366839ad58ea1982da
-
SHA256
449e470d78f62ac6049704180b10910155377733fcce824b1bb7685d3cbe8bdc
-
SHA512
5cc01aba0ff6b9626307ced6779368220073e4f98743751e2b0cbae89705b0e5167215aa0035d2fe4e8b92ef8308ac4e2a6b0ca5603595155adce8cdc4739765
-
SSDEEP
49152:waRAsviAEklLkwWDTEeLNrg5az02crChvHrx7hWqHI5MxUBWTJF:LR9mc3exrUaz3xFWxqvTJF
Score
7/10
Malware Config
Signatures
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
Processes
-
cn.zhui.client6815241⤵
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)