Analysis
- max time kernel: 128s
- max time network: 152s
- platform: android_x64
- resource: android-x64-20240506-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240506-en, locale:en-us, os:android-10-x64, system
- submitted: 13/05/2024, 10:21
Static task: static1
Behavioral task: behavioral1
- Sample: 3f01ed78c64f217d66469822fd8a9823_JaffaCakes118.apk
- Resource: android-x86-arm-20240506-en
Behavioral task: behavioral2
- Sample: 3f01ed78c64f217d66469822fd8a9823_JaffaCakes118.apk
- Resource: android-x64-20240506-en
General
- Target: 3f01ed78c64f217d66469822fd8a9823_JaffaCakes118.apk
- Size: 19.2MB
- MD5: 3f01ed78c64f217d66469822fd8a9823
- SHA1: f61f0c39e193ff2e88c0cb703239594a639fc867
- SHA256: 1654378e495b22149b614824402f87e12192f7af379b39118705d2c2c01ddacc
- SHA512: 5addae82e7a494fa0dd787fe90099a8ce8254d9f53d61f9dbc51593a0627be1dee166465a7ea98bed965592e5bd7e14e72faa76c6d2b076be232f1d0c5566689
- SSDEEP: 393216:fgEUpXG8gv66JXTIP57FHEHH14DofbiUNYyOffe4L8FGNQbuGg436:TU5GO6JXTCFHEHH140fblvObL8YXf
Malware Config
Signatures
Checks known Qemu files. (1 TTPs, 3 IoCs)
Checks for known Qemu files that exist on Android virtual device images.
- ioc: /system/lib/libc_malloc_debug_qemu.so | Process: com.scwuzhou.logistics
- ioc: /sys/qemu_trace | Process: com.scwuzhou.logistics
- ioc: /system/bin/qemu-props | Process: com.scwuzhou.logistics
Checks known Qemu pipes. (1 TTPs, 2 IoCs)
Checks for known pipes used by the Android emulator to communicate with the host.
- ioc: /dev/socket/qemud | Process: com.scwuzhou.logistics
- ioc: /dev/qemu_pipe | Process: com.scwuzhou.logistics
Checks memory information (2 TTPs, 1 IoCs)
Checks memory information, which indicates if the system is an emulator.
- description: File opened for read | ioc: /proc/meminfo | Process: com.scwuzhou.logistics
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
- description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.scwuzhou.logistics
Checks if the internet connection is available (1 TTPs, 1 IoCs)
- description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.scwuzhou.logistics
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
- description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: com.scwuzhou.logistics
Processes
Network
MITRE ATT&CK Mobile v15
Downloads