Analysis
- max time kernel: 131s
- max time network: 158s
- platform: android_x86
- resource: android-x86-arm-20240506-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240506-en, locale:en-us, os:android-9-x86, system
- submitted: 13/05/2024, 06:43
Static task: static1
Behavioral task: behavioral1
- Sample: 3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
- Resource: android-x86-arm-20240506-en
Behavioral task: behavioral2
- Sample: 3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
- Resource: android-x64-20240506-en
General
- Target: 3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
- Size: 8.4MB
- MD5: 3e33e653272bd153a6e8386fd818ad03
- SHA1: 8da4ee1915d24b62d3652ed863ee47e3ae4b5bb6
- SHA256: 0e83faa0b475403ce3e0dbd2171c2b59754ef30f77279dbfafea9ed670425cb4
- SHA512: 9b38fccc79ac38dc62f0d8fc5950356af8307ae33e23be32e4a5c42c5f480d79484aa3bc7963a22bbd86d797c62e0ce3bc856a722210794be3f71e40908515ca
- SSDEEP: 196608:7Ydnko4KKyJsXv71Or8ZATFGpO+gH13e7NKSeeTOQzyM:ZoRJsXz1m8ZApGs+U13q1L
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Requests cell location 2 TTPs 3 IoCs
Uses Android APIs to get current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.radius_circle
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.radius_circle:remote
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | com.radius_circle:remote
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.radius_circle
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.radius_circle:remote
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.radius_circle
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getScanResults | com.radius_circle
Framework service call | android.net.wifi.IWifiManager.getScanResults | com.radius_circle:remote
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle:pushservice
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle:remote
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle
-
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.radius_circle:pushservice
-
Checks if the internet connection is available 1 TTPs 3 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle:pushservice
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle:remote
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description | ioc | Process
Framework API call | javax.crypto.Cipher.doFinal | com.radius_circle
Processes
-
com.radius_circle
- Requests cell location
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4267
-
com.radius_circle:pushservice
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4313
-
com.radius_circle:remote
- Requests cell location
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:4336
Network
MITRE ATT&CK Mobile v15
Downloads