Analysis
max time kernel: 30s
max time network: 131s
platform: android_x64
resource: android-x64-20240506-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240506-en, locale:en-us, os:android-10-x64, system
submitted: 11-05-2024 17:34
Static task
static1
Behavioral task
behavioral1
Sample
35c0cfd7b03df2e69c6723dadee76533_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
35c0cfd7b03df2e69c6723dadee76533_JaffaCakes118.apk
Resource
android-x64-20240506-en
General
-
Target
35c0cfd7b03df2e69c6723dadee76533_JaffaCakes118.apk
-
Size
475KB
-
MD5
35c0cfd7b03df2e69c6723dadee76533
-
SHA1
1a781a7218aa659d8472bb05cdc7cfae39ba2975
-
SHA256
6850afd3cdbd8caf46dba92f9e3451ef6bb276effe669b603ccd0ffe5b0a0da2
-
SHA512
bede89c8192003621d2e2b6d3c3eab1dbb16d5eace10393f3620b2439098df1c93d38adf67fe8d0a78aee5a38317338f10d46707160410a7768d63a9890fef6d
-
SSDEEP
12288:Ib3Eixua+5zD+Z3r2jq8zFPXsBZ1S2QMpsSE0q3N7B9:MEiYKZKW0VcBjxPENl9
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.ozrgqa.kvhght
ioc: /data/user/0/com.ozrgqa.kvhght/app_fadwzxvb/ihegqkjuv.jar
pid: 5043
process: com.ozrgqa.kvhght
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
Downloads
-
/data/data/com.ozrgqa.kvhght/app_fadwzxvb/ihegqkjuv.jar
Filesize: 372KB
-
/data/data/com.ozrgqa.kvhght/databases/a
Filesize: 24KB
-
/data/data/com.ozrgqa.kvhght/databases/a-journal
Filesize: 512B
-
/data/data/com.ozrgqa.kvhght/databases/a-journal
Filesize: 8KB
-
/data/data/com.ozrgqa.kvhght/databases/a-journal
Filesize: 8KB
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd
Filesize: 16KB
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd
Filesize: 16KB
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd-journal
Filesize: 512B
-
/data/data/com.ozrgqa.kvhght/databases/sdffsfdsfdsfsd-journal
Filesize: 8KB
-
/data/user/0/com.ozrgqa.kvhght/app_fadwzxvb/ihegqkjuv.jar
Filesize: 894KB