Analysis
-
max time kernel
4s -
max time network
171s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
submitted
18/05/2024, 09:09
Static task
static1
Behavioral task
behavioral1
Sample
53fc2c64e3765111d7c625393cc9f12d_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
General
-
Target
53fc2c64e3765111d7c625393cc9f12d_JaffaCakes118.apk
-
Size
11.3MB
-
MD5
53fc2c64e3765111d7c625393cc9f12d
-
SHA1
e5c940af900446c4f8f80058fd7307b081bd5ab4
-
SHA256
6d2153eb47d2d681579af1d4ba8ba7a9222710a696e96ff43fc9f7a1f82bbda7
-
SHA512
2da69d70128575e4cb338389daa0e465dcfde43b279f690b2117c955b2f255d544e84af0180d74e16cb10f4cbaaf47760c2eafc337530fc9ee6d4b3eb4653dd9
-
SSDEEP
196608:KnZAMfymlpwfg1YYlC03xPoOxBFj4q8l1NkaaLpUcAifL3Xp+FeVoqHVw7k1kqe:KKQ4fg1xC036sIvIUcbfj8erwA1o
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
description: File opened for read | ioc: /proc/cpuinfo | Process: ai.tick.www.etfzhb
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | Process: ai.tick.www.etfzhb
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | Process: ai.tick.www.etfzhb
Checks if the internet connection is available 1 TTPs 1 IoCs
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | Process: ai.tick.www.etfzhb
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
description: Framework API call | ioc: android.hardware.SensorManager.registerListener | Process: ai.tick.www.etfzhb
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: ai.tick.www.etfzhb
Processes
-
ai.tick.www.etfzhb
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
PID:4595
Network
MITRE ATT&CK Mobile v15
Downloads