Analysis
max time kernel: 129s
max time network: 168s
platform: android_x64
resource: android-x64-20240506-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240506-en, locale:en-us, os:android-10-x64, system
submitted: 13/05/2024, 06:43
Static task
static1
Behavioral task
behavioral1
Sample
3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
Resource
android-x86-arm-20240506-en
Behavioral task
behavioral2
Sample
3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
Resource
android-x64-20240506-en
General
Target: 3e33e653272bd153a6e8386fd818ad03_JaffaCakes118.apk
Size: 8.4MB
MD5: 3e33e653272bd153a6e8386fd818ad03
SHA1: 8da4ee1915d24b62d3652ed863ee47e3ae4b5bb6
SHA256: 0e83faa0b475403ce3e0dbd2171c2b59754ef30f77279dbfafea9ed670425cb4
SHA512: 9b38fccc79ac38dc62f0d8fc5950356af8307ae33e23be32e4a5c42c5f480d79484aa3bc7963a22bbd86d797c62e0ce3bc856a722210794be3f71e40908515ca
SSDEEP: 196608:7Ydnko4KKyJsXv71Or8ZATFGpO+gH13e7NKSeeTOQzyM:ZoRJsXz1m8ZApGs+U13q1L
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Requests cell location 2 TTPs 3 IoCs
Uses Android APIs to get current cell location.
description | ioc | Process
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.radius_circle
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | com.radius_circle:remote
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | com.radius_circle:remote
Loads dropped Dex/Jar 1 TTPs 6 IoCs
Runs executable file dropped to the device during analysis.
ioc | pid | Process
/product/framework/com.google.android.maps.jar | 5065 | com.radius_circle
/product/framework/com.google.android.maps.jar | 5065 | com.radius_circle
/product/framework/com.google.android.maps.jar | 5123 | com.radius_circle:pushservice
/product/framework/com.google.android.maps.jar | 5150 | com.radius_circle:remote
/product/framework/com.google.android.maps.jar | 5123 | com.radius_circle:pushservice
/product/framework/com.google.android.maps.jar | 5150 | com.radius_circle:remote
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.radius_circle
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.radius_circle
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.radius_circle:remote
Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
description | ioc | Process
Framework service call | android.net.wifi.IWifiManager.getScanResults | com.radius_circle
Framework service call | android.net.wifi.IWifiManager.getScanResults | com.radius_circle:remote
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 3 IoCs
description | ioc | Process
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle:remote
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle:pushservice
Framework service call | android.app.IActivityManager.registerReceiver | com.radius_circle
Acquires the wake lock 1 IoCs
description | ioc | Process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.radius_circle:pushservice
Checks if the internet connection is available 1 TTPs 3 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle:pushservice
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.radius_circle:remote
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
Processes
-
com.radius_circle
- Requests cell location
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5065
-
com.radius_circle:pushservice
- Loads dropped Dex/Jar
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5123
-
com.radius_circle:remote
- Requests cell location
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
PID:5150
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime 1
Execution Guardrails 1
Geofencing 1
Downloads