Analysis
max time kernel: 179s
max time network: 150s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 17/05/2024, 16:51
Static task: static1
Behavioral task: behavioral1
Sample: 507f5855e37623cd1c8a9d43e70fbd69_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 507f5855e37623cd1c8a9d43e70fbd69_JaffaCakes118.apk
Resource: android-x64-20240514-en
General
Target: 507f5855e37623cd1c8a9d43e70fbd69_JaffaCakes118.apk
Size: 7.1MB
MD5: 507f5855e37623cd1c8a9d43e70fbd69
SHA1: 911af08e663e4d500352134a4c426c397d554543
SHA256: cede6df0e121f7155fd607942b731db61ea3116736bb3cfe40d63b6ac7cf011f
SHA512: 804531b5af3cf4adefb3590eabbb6198a9c7ae0dd3b4b68cb4485b6874f821701db56efeeb765c276477fdddc46893798af728f737aecea53558c8fd38f967e3
SSDEEP: 196608:MkT8Ew6zbhe/N9bMvjKxyFDwNawd2kQMO+d9jUH:MQ0abh3jBFw8BQzAH
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Requests cell location (2 TTPs, 1 IoCs)
Uses Android APIs to get current cell location.
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getCellLocation | Process: com.tuan800.tao800

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | Process: com.tuan800.tao800

Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
description: Framework service call | ioc: android.net.wifi.IWifiManager.getScanResults | Process: com.tuan800.tao800

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.tuan800.tao800

Checks if the internet connection is available (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.tuan800.tao800

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Reads information about phone network operator. (1 TTPs)

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: com.tuan800.tao800
Processes
com.tuan800.tao800 (PID: 5234)
- Requests cell location
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads