Analysis
-
max time kernel
178s -
max time network
192s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
16-05-2024 17:03
General
-
Target
4c2313547389d0f0559f444d53fa4cf7_JaffaCakes118.apk
-
Size
27.8MB
-
MD5
4c2313547389d0f0559f444d53fa4cf7
-
SHA1
7410136739fe67f69cadf56ebe6250305e681484
-
SHA256
f6965acbd4661595c6036f4db9ae211b36e5bc0c692329f4b98562e00f31bd97
-
SHA512
3900f49f7e868af0c1d7cb087301e1fe773cef22afebe809bb565936a9b6598499c13ea45463b3f10c311043f025cf70817ba3184bea5528ff1705d81a930b4d
-
SSDEEP
786432:tCGcAv6S4ulmSFO+meOD7PGg4aL0MbnikKbljFUDRZlpxT:txcKt4ucSvmeODjGgzL0anikGaDvxT
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes
-
com.onepet.petkingdom1⤵
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
/system/bin/ndk_translation_program_runner_binfmt_misc /data/app/com.onepet.petkingdom-poU_LNcQ2fyBAahPecvnjw==/lib/arm//libweexjsb.so /data/app/com.onepet.petkingdom-poU_LNcQ2fyBAahPecvnjw==/lib/arm//libweexjsb.so 139 140 1 /data/user/0/com.onepet.petkingdom/app_crash/crash_dump.log2⤵
-
-
com.onepet.petkingdom:pushservice1⤵
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
MD5c2788e4bfa47bb02c1a0f3ca5b2813d3
SHA179f5fc939cd213abc6448ddeecb81c4e84b70701
SHA256d18715b31c7e6f05337c45bbd81f47c9b0dcf13e197f2e8c424045264ad87933
SHA512b91a0c2c46ce3301e5880a5a7fa57a003b63c6da6e29672fbcff2b0e1a7b8a34c8646caa95945b0e991340e13b8e4d60a290bf6cf0ac1307ece75701df4d5a23
-
Filesize
512B
MD5e431a5e9e3c7802f32a51d99b3a43a06
SHA1ba8257c2a03a990b6f43d2890c88d77f76d32cfb
SHA2567e87a212b516fcb409534d51a226bb8186a55180a3282c642e19146103b34c65
SHA512cc7a6f78e4408f0a3e89f33f95df7ea1db371d6ae0023f1c447e1526ac59dc22ff42253d37a2b8ccee6115b491fd75543c63d000be770a4e620f78b17d305c71
-
Filesize
512B
MD573fc205c6e189d977520b57eb1385ec4
SHA1c811e183094d4df41d69c16b80564b48fa05c238
SHA256bbbf55f5cea52001be61b8fae546c7d8e997d8f1127a2e7fe67fcdb4671b9834
SHA512b1f9ca18bb7ffba4921f1164d198df9a4cc2918710687e536f144c76a3be62d27a1b36355b64825636b77e34ff774fd552c685ac1c750214123029ea19972758
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
32B
MD5a2a520e205a2f7aefbbe5cf72bf5092f
SHA1091dacd2096db8ced41b61c17562f7a3ddb1612c
SHA256b573aeaed5ea55df3c30df904c7c59223afb286639ed8dff64cc7a420b9905ff
SHA51268b9a28cad413ecfe3384c9332f1b64644cddcada751e95dc364c7799fb647a4b8468d777244acd610d64be2d6980dda0b398e8a673da00999f79ed8a96077a4
-
Filesize
39B
MD57769d4507985f59116153463f09235a2
SHA1b081e84d14300ac7a7947aade9c025fa83bc17fb
SHA2565ba33c69421ad27727832442cb5939d5bc853acecd0d8162d7c10a6b96757dcf
SHA512ce5bb431a31eaba24c0cf467bedb1abee2205b74c4533067058b09ce7e8f9480b8baa01866e3dc89d1800d07da6007f36c1b4fea811e3da164b187903480d29f
-
Filesize
14B
MD5e6be2eb3afb4d3c571f662d7e62ac234
SHA1114f940ae0cbaa7b637e3fca80e04860191eec0b
SHA25610bf00e676613e73eddfcf7dfa04502a81437c22a6a3ea1e232e4ac66564878e
SHA5126de55c54638dc560ca78e11334e8216ee0924f6c42b3592b03a22a84b64548abf000b10a497c73f7bb61b9d64a3025b96ea3bab295fb2c0ed9be8338ac1c0168
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5b10ae13ebf4400722706846732948fa3
SHA1d9749e6177b1d458095ce59be19341899edb11cf
SHA256c15438c5f7d100220f0093bd491b89cbe73448538131eb024b82691d537eefb2
SHA512c465a6ab82095bc39c4c04747d8511ae434fbd4dd114a4ab72a8b5fb3fbd5dcffddaca2e46fab0ad0a7003977df9128dcd50867dfe8ef0a4559ed70c33348dea
-
Filesize
189KB
MD524b7b95bb487131b5363e8eaf0434fab
SHA1d52dcd48842b17edaf729738a408810b9df3f225
SHA2564d2ca058d5d8b3786fe31396e104a4312496fb193135a387b5ef52732b63c363
SHA512e7536f6cb84b08a7420dc245279882c6081d4d1b181e5b2b66c7de2353adcc7e2579b98712d13583be0bf97ef8c3c438217261950fbdb80999bbca47be3287ba
-
Filesize
52KB
MD51cd9f60656aee133ddc551ffbe4d5da9
SHA131b36b60e185b9d34c01441a12c4e448b8c7c870
SHA2569a0f2024d3f4bb5cdc23456e552aed4d9b1e5739016d7eaaffd3e71767373319
SHA51256df899333946e4987c1c2cdae80945083c87454bac44f477f17fc9073954760e2f1093361d7bd9fae4db22779f85027d5c882522e9a56afeab64afd3a20a086
-
Filesize
29B
MD5ad38747a84fdc8738716fc1dc442f9e0
SHA12d1dbcd7825134cbb8e4fb23c09a7ecf7f3db75d
SHA2565e8fa017edc7f376aecbb678d621aa74193d420a2f32e20b20610082304734e4
SHA512dc0731abc00ad19eecf5ed053bae9320608d63b5ea4f70e3665f3be886da6e566fd8a90eb52c356091a52369a157e8455f77eda2ec7ac016775842b66bf86073
-
Filesize
72KB
MD52cdf22cc97675cc6aa751d5c85ff44ad
SHA1afb6227bd2064e70b7d3ec885a1a2a340aa13c90
SHA256625bb103d4977b72206274b58cf1eb670c8b9024065115ccec5e085b0eada029
SHA5128f4b7644a2f59ee935d4768363f701d2348b00732c379127094f7196a0b76e5d4c0ee1d30f5696713b114441b6664a14a7dbb69668a66389fed5c471b6b47bcc
-
Filesize
1.2MB
MD5c1b74d08695f68deed7d9f71560abadf
SHA197ce22c6d2ef58730b9888e76c62fd733a6c7c7c
SHA256e48451d40cc206c22dc5b071f1e36712e45f10aa6d05a569258f5c66192d29fc
SHA512d23e17b474fa138643f6cde161ca1307fe8b08f8a4296c3af8a6fdc00939241f3e2c5d16973e4ae3116d5ec6ffe3e0c912efcf4d87574b8702b5b64ab96ce93d
-
Filesize
1KB
MD52662cbdb9d83890232c72dcd84d40ec2
SHA18fe43d8155f213b733d39741af809fda83052e51
SHA256b16bb74cfaab6807fd4cb65db026f19f3f473f560167291aabd577cc371ea758
SHA51294af660aa42c6da30f6b73d6f5e72ceb4c4e8e38906efa9b6606ecb3835445ed4df0b5fc454279d66a721691c6774ba98eaef949dc6bcba5af0e87d552fb27f4
-
Filesize
1KB
MD5428897e9c709f408e1547febb888cd21
SHA1e460718ed412c45d087781055cad2e7e9f9b0aa2
SHA256710127b7237173352e03fb0991b2161c44a15d5b847f671ecc5f48d8bbe14fda
SHA5124d90dd23b683fc77a0a35648e83d9a60cd7b1169ba6acba69767f5353ba48a6c3cf283c991b4f34eeb5480bb7cd22a0525708549f4c4c2845b18aafa306b80b1
-
Filesize
2KB
MD55a93461c922f923a0ffffb081269a582
SHA1867e16783114422b9aaa60729a697603c874d43d
SHA256ebb2369eecb28ad4ddad7713372a1edf937735cd938fd46169385207f22d0bf4
SHA512456d5bafd758de3aad452ff977df644758716b47dcfaf5bb7bb7852ecd8b05dca78c867d0ce2f091ff6a4ef713efa24e76cf6a9fa4f505ff7a361d8231ad5b3d
-
Filesize
25KB
MD588d03acbbd44e600309d142de70e332a
SHA15dd7134debadd43881229908857ea5f409baebb5
SHA256f9b2b8171f961f3d42ac4cfe1a03a68e69a4a2118e57acca5d9c6876a8110fca
SHA512381efb955126cd4f9d1b6d487c127fd2291064b052fd3bdf1a5c27b120e97cef30a13d95dd12f9c115f5133acf1527a50bc10b12cc110f3116fe0e9eeac337d4
-
Filesize
987B
MD527f697db942e92f53c0265bd6d5d1a41
SHA1538c38320dd2344f2e808c0c6932d07a5286ce09
SHA256ae0a83e5a365ac49a0bfdbb1129ef931f35a4b97c14e4e964b6a4e4305085567
SHA512f4c409a97cdba31ae0844cb31c84003a9c6c1836d36a9a7176994df93d114251d88a0b88ff98d239090aba5970889758710f9d3e0a6fa3bd5dd5b7c8fde88441
-
Filesize
882B
MD5b77faca9216ea7a4a2c10aa17f33e4d1
SHA11ac131b50f0105603b3208944230343b8431ba18
SHA25658042f878058f390b58e7ac3e03b0a9743edf8b784572b5b8cae0e37ad3b69cd
SHA5128679b83d18ec24fd852e7af003497e1a0e4a8472ceb6c2ec0b922ee3ce1f48fbbd93cb50a60105ad7af9f447d2237d2c93a14622f1a3b818ce9c13f821db0180