Analysis
max time kernel: 10s
max time network: 135s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 18-05-2024 14:18
Static task: static1
Behavioral task: behavioral1
Sample: 55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral3
Sample: 55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk
Resource: android-x64-arm64-20240514-en
General
Target: 55259564c9321d32b249c4afd162eefd_JaffaCakes118.apk
Size: 7.3MB
MD5: 55259564c9321d32b249c4afd162eefd
SHA1: 14d85319652f9047cd4dd2569a78bbf9c81b2709
SHA256: 96fb8b8d23e69239bf2ce04b6dc122c476e7b20d735aa24cff153803cfc4c6f4
SHA512: 0cf0611bb8b73ad6e74c12c96a1333d9161ee48e12bf3c17c5df0deb7ad96d4bf9acac8897ca9cfa6e8ee14c2fa1671003638490e558a434ef3226beac3887b1
SSDEEP: 98304:vk0L5nCNdy3W4T7rUivk6TaHohd7tz1kgfOuIx2A7/8ds:vk0lygdPUivk8iohdrsx2G/os
Malware Config
Signatures
Checks if the Android device is rooted. 1 TTPs 2 IoCs
Processes: com.magzter.edu
  ioc: /system/app/Superuser.apk, process: com.magzter.edu
  ioc: /system/xbin/su, process: com.magzter.edu
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.magzter.edu
  description: Framework service call, ioc: android.app.IActivityManager.registerReceiver, process: com.magzter.edu
Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Matrix
Downloads
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6648B8ED0068-0001-10A0-4A5BCE6DB2B8BeginSession.cls_temp
Filesize: 79B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6648B8ED0068-0001-10A0-4A5BCE6DB2B8SessionApp.cls_temp
Filesize: 111B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6648B8ED0068-0001-10A0-4A5BCE6DB2B8SessionDevice.cls_temp
Filesize: 131B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/6648B8ED0068-0001-10A0-4A5BCE6DB2B8SessionOS.cls_temp
Filesize: 14B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 1KB
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap
Filesize: 514B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize: 16B
/data/data/com.magzter.edu/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_86d0d100-5f15-4e9e-a23c-b6ef192b23f3_1716041966232.tap
Filesize: 395B
/data/data/com.magzter.edu/files/SsGXrfESq
Filesize: 358KB
/data/data/com.magzter.edu/files/SsGXrfESq
Filesize: 635KB