Analysis
-
max time kernel
178s -
max time network
194s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
17-05-2024 02:01
General
-
Target
4dfa2a2812981b7b881a292aad4c03d9_JaffaCakes118.apk
-
Size
29.3MB
-
MD5
4dfa2a2812981b7b881a292aad4c03d9
-
SHA1
6752394057effe2e4fe89cd0c5c4575b7b042136
-
SHA256
b851761640c18d6ce981b2caa46b0021562586ce2fcef0c2b6253c73ac9ab4d0
-
SHA512
68f78e8af3ca9b8b3e2da1af90b79d65d1834e9a347597c4dc6640fa94b3a638101eee8b6af2a9cf9b7c55210c942031bc722e91591b6ca9f0b6e2d1379b8ee5
-
SSDEEP
786432:swCggntDWPsYz9SUDRZl8PGxRF+owaFbrf0PI:swCggFOfDuPGjdbFbrsPI
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs
Processes
-
com.ijingyi.buy1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
com.ijingyi.buy:pushservice1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
63KB
MD5310ee8d3dae3fbbc1b285a91b33597d2
SHA1d4c29e156f5143a1c245369809ac27dfb4758b98
SHA2567ad73c36078ac25ff6689b33780ac18a8eebd71dc485e03f63075201ac5a5e9d
SHA5122aa8ced985ada472f9815a88bdc8ac9da188db02f3062942253fe8ade31f4695d2ae608fc1ee0da66e8f08cf772b94a262abbbfa430927cf3c1a95935caabe13
-
Filesize
63KB
MD52de8df9ae6b83719ebc2f6146ee32748
SHA12bf1de7409816280fab343a71ada78186e66a756
SHA256f61379ee914f72ae25d1e8c8d9ffbeed223344a2a5fcda6149f8dee885c510b0
SHA51240cd23aea0762b20d67039aa3dbce20df2b729bb400330e2c70b71692c40954f78ec24a1bc9f1ef8fa1148fdbe01379697d26567021b0c5a5c29c9c1104f5b89
-
Filesize
8KB
MD50678a84566a07562bcbd09b93f0a1365
SHA11bbde56c5ba5b7a5779e2bb6abe9e12d521a602c
SHA25679e58daa5e5c72ad886e2fc05b366dca2b72c50fd5403ca5cef8b47a8f221c35
SHA5129b5b848f5b7629db7ded994ba58e8c62d42473d8f2f8fe1e5587d74549993126041640780f595055afca8da4cd885f1afb1559caf4079aa938c16106f5f5aef4
-
Filesize
8KB
MD5512c5bfad206c16b586725bf99b8c276
SHA1edaa5dbf6b01b288dc03188f765f5922d19624a8
SHA256421b81678cb3025eb5c5655b1017207fb33e84db0b2a5a838ce0394db7638b5e
SHA51211aabe9acf7ded636cea709b945aa4c6853a60b4586ee14fbb75ce2ad64156d7c5e39a09e417512b7bfbac0c24d5005c52138198f2327a37af85f4f3ec6c4734
-
Filesize
8KB
MD507d58a1d9785e9e2ec0c150cab7ba220
SHA1f2c4f89506d8e47714816d28bf99f3a9e99b737e
SHA256a442954463325741b6b41f89d76de5e07386ce288f6df16dddee7f3efeab67a9
SHA512773fd0d703df09334d9adc4787db9f092d09854fdcbed8eb98dfa294b0bc4df6f8980ac5ad58e871c4ecd68ffcca6cd198df293b08a186254874551022b068e8
-
Filesize
8KB
MD5169d49fc36d2281d8ea993ab00e7a873
SHA1e45ca503e10afd9ac57ccbf1523b9ade81740a2d
SHA2560ae00819aa0d43c6a53cea62f730748eef4a7606d430a99eaf00b759462f7cfb
SHA512ff519ca2370a1d46d0cc6b559ab70149e95fcf34332cd5f1669b478cb18edfb12b4b1bc083161a29a64d5c652f7ebdb4fb80a0471c81b3ff1d635c2f1a9bc63c
-
Filesize
616B
MD593b0c26834aa08ce8083fb1c281467b8
SHA1e8c9c35959f18b0793dcee9dcdb2f24850d03f5e
SHA256c116b8da38ea4657fd4c1457b1750a0347a54559bac3651c75fb729eff5da783
SHA51295b2ce2a01f4924566232e7a40729c0a5187a9468aee1e6b2820a18afe78d8e3fb90c9126461c81ed8c4e976c19eb9120bee32ffe75e7397bf1864afed3f55e3
-
Filesize
31B
MD58c92de9ce46d41a22f3b20f77404cc1d
SHA18671a6dca00edb72be47363a7071be65cf270373
SHA25668bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA51230f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56
-
Filesize
32KB
MD5ac6025a78100ee66ab815d082065d8e8
SHA1c9c34d1e17de2747902cb45e37cf5f3fac84404b
SHA256a7fd5a12d8cd9f4b60f9396bbc7d48fe48b75b229278e732b4bf429457b564d6
SHA51288210e6474ba65697af0b81f3a27caad7a59a5a99526e8a1768b1486157fbfae9c94afa0ba3c1eea6b5dde8da6a0bad9f4a9507fd2fae90afbda54868e3b7c43
-
Filesize
512B
MD51719904bdef607aaf6f9fe2c7b53f408
SHA132277d47d4a6fec9dd1e0ce8bc3defbf19ec0cb6
SHA2569c15d2065541b16ff543d3958ad9162350757a1c3a3875b24c676e171de3b508
SHA5120b612a83d06679214b4bd6cb6919f2276ef707f634c0239ca76aed93efcfba692b11d9c9b5219d5105170a44ce0818028798e7d240e874428aad48f730a0ec5c
-
Filesize
512B
MD5334238adfa7905ffe977bb0978c7dbad
SHA1271944891f3086ddf93bb172835e5b46394ff3da
SHA2563d0fa63874daf5deec0c5b163dd43d47313873e2d3aa1881edc4038dad994abd
SHA512ec78f3f7323a58f1e7eab4ad9041f9c4c41ec228dbd747a5e39f2fe8a95b460add00b98ef2d2faa3b155c5a0833405b587b01cbb5416691cc4f9b06597e0dc14
-
Filesize
48KB
MD5927643f2aa61bd5f0724a03f5df7520a
SHA102be84c828105353f6edc894598f1ae53b6769d6
SHA25657d5134b4f0d8139f2d01fa7454cd0c8304bedbffdede745c9b2f3fbf3b872f2
SHA512966c305c9312f4f7082d0c1db05665afe49cbabcc7601fa636458cbf44221f16dc38fe157f3424971acd5dda79ca1a8b98a1e2d64ebc0ffb4f31fda548acfde9
-
Filesize
512B
MD5bb278f5a43de006b4d9fefdb62e1c901
SHA1986191cba47d952b07d9a00299f93bab2e36fd56
SHA2564ea8a6106c651b7de3ac40d7c1b00f3f21216fb2164725cc24970bb3181c8a11
SHA51298845e23ab17e29af3dabc9e5554faa2adb6a00b9111287d01ec67932254dd6a275220af2cd1bff48126635086c5e09fe4353e1336809a103ec4e19295566785
-
Filesize
8KB
MD5390464dcfd20bbcd9994d3d1524eba90
SHA14ad56b7016930bb64ba015ae48a9675dfd605b4b
SHA256df6686aed62788c647b1fd8c1cb7fe234c47dbd57924624054f60fc60fd41592
SHA51224d08b34802eb26dedc6f7f4b8154f791413b6608a9cde38b05016a145c784dedb44951ece7eedac6a7e5496564410dfcac88f1d84501072a1a6196f713b59b6
-
Filesize
8KB
MD5ff73b48bb70e484e990eb32848c4cf36
SHA183a79c21951118c42ecccccecd286c4ef31af004
SHA256d969311a20fbfd0cc1b37d7927efe20b2733ca186a31840c2ea27aac9d696028
SHA5120d9cc612f6a74496fcc38ede06ec75baf0f720b64b0e06d2374baacf1f075fccb6cbcbe2e241b76aae2926f59127e8cbb02561ef1c9ddbcea08e250858f872e0
-
Filesize
8KB
MD5189ceedf41283668f83e705a933794cc
SHA118c2e5624679457ef2ab2d05a768b0b205af7a83
SHA2562d414a37eaf5fe35fc53b465316ad84388275d2202cde1e891df7ce6db7c1df1
SHA512b48c65c28827dd7fe2e2660c546b4416cf5e8708104cc4a122957e195874063b016fa4dfdec0d24159c2daf0c0f46e4f640f142d8630f4b2ac9d9784535d8a15
-
Filesize
14B
MD5c9164a46a47f2420c6c9485f6036020f
SHA1304b757779d43b6cd2388b734fe0d09dd4c01b7c
SHA25688e69797b2f1cdac00f2214edc574ec68464a199ba28bfd477124d23b0555d99
SHA51286b5b4a4d9fc78c637d0d2a07972052636f4431e9e4bc3893e9168d7a84e31c1e9ca34e94444ba8adc453229014a74c760415842092c8ca94b12ad6506e87ac6
-
Filesize
4KB
MD55eaafae3dd4afc595bba2c5265667830
SHA16b6825f03c96e3f564827ff657571ff7b7dec423
SHA256b4b66d4f6334cd1ebe4b79b2da52e47d3611d5efb27f9f6647acafc0c37e8866
SHA512b4b38d02daa2c4fc8c238c0ce57474fe8c8ba0da427901382a6cd2c954777a8b568aa5cb97763bb7f914e9f736c4824b19418d5dcc568f96434206a8b0da6ae4
-
Filesize
8KB
MD57827756c783e30750cbc54ae9355d9bb
SHA124a9624f2464f59edd4134fdaea0c7145e50caa9
SHA256ac4cc73797d7a7026cb7c42b01c4e34e054a6eda25956bf75388bbffa93e46bc
SHA512a471af75e17ff4dae956b797f7d187e6e983f65f3de2abb23a3d29087b142c46e09c0834370d7cdb973ff248f5ef4573a70248e7878ac66114cdb4f9d66cc1ed
-
Filesize
8KB
MD5e7f4c5795f1d09b65496f191e9ba8618
SHA1f5051d0c16dae184fdd5899d7ac2656ccab1a4c0
SHA256f389e7ca20501a6c12d18695076eccdbed026a0744ee0ab4f606e9377189e722
SHA512fc5ef96d3e290f40a14e3b89feca1dc00c52e3de38154befcbb485b101a22e54bd6c2cafa942aec24d39a5e68840c88533117259640aa68b05f529bd37c2b6db
-
Filesize
8KB
MD54edc0958fe3916a2df963e337654b5bf
SHA1e7d078ac0804cd2383bf843ae25d6dfe4c8b470d
SHA2568e3b3b93546295d952b5d3d2ff58fb12e3d9330bec34303b3fb72b7da442fa64
SHA512a76906f1793d4abdaa7a7d0d0027239527b292765e6b31728d5528b2cff16b88b0e3eb6bf8d67d5d8f14f88bda7d5f65ede9f7d56dec173f05362adf06875c02
-
Filesize
8KB
MD53be20b715aad12e633e2be9a5c05a10a
SHA1ec6c409bc9c9bd1b471b601c73b5c212955ee146
SHA2564798247f8e9a665bff7f97707d1384e00da5b67195f4db006458f3386bf9de1e
SHA512525e385caefd3456c49d4d49f97f5242c41d355c642341296943cdbd676e985a7c50b623693d44cca1f45a3d7dcd6ef720e0a81f27710e37ab8908177d77bad2
-
Filesize
63KB
MD55061e4948844f7d366972ac8005e9f13
SHA1a2b79a1c79afb095ddebf0f16a1f9db64482bcaf
SHA2563aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45
SHA512223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299
-
Filesize
28KB
MD5e03e21da4ce3b1a5391966335e522599
SHA1c16e7d0b14f0011b8c840c522a822ee8d9d71c03
SHA256c4def0adb374c823bce6f57a8854dcbfcbe097be7b4665b157a92a92045d9812
SHA512c4e5afbf72b89161697880e639e12c6f086cc1de9e2dbbb22c734f243ef3e58bfb84c78c2125aa58311308fc5e2eaffce5e58706ed49c444faab8d33f814d740
-
Filesize
1.1MB
MD555d152677a7a210e93fb88d1c3c9ba48
SHA1c0732afbaa328badb2d8a5354075cb02f734ca8d
SHA2561ca34be1cd1cdfc26ae914f8ea8f5793aefd05128790019546f59b1422f5479c
SHA512bb52d692202dd284090aadd338aec487b7665c70c6af12aac755988ec1da9a52ce542e4252f8bddcb83226475dc188c003011fb4ef9cf56d1830cb8f9be5a1f1
-
Filesize
1KB
MD5eebe8b1f893af3757e691fc73846b6de
SHA190e81f46cb9bc4df7779acba9fe69384696ccf4e
SHA256ee9de6f98ef8a131616f9400aff8e5e8c0733ba4c46be0459a605b9ff6228290
SHA512df1b1cf111fa71e97ae55d40f29474d9e2e167401d2475e99f654c39fab61b987118752d1b37b2ae9fd46598ce57aefbd932cfa6b470c48d2fee4b17fc7cbd25
-
Filesize
1KB
MD57c390298c87bef706b09b6e557c3e057
SHA1701fdd8c3b1fe652eb30fb8865c73cfbbf9536b4
SHA2562e805f07bde4aaf4696620652248a72cc2ddf40e492d7e2d95bcf1be78a068e3
SHA512b100888969205e4ebda1670ba43725db82ea69b4045ff8a8f1c565d53193be64c389179db69beaca57b6854be1d4a9a65ac5ef49edf758d1af72d096a76a2edf