Analysis
-
max time kernel
15s -
max time network
147s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
18-05-2024 17:02
General
-
Target
55d36a9ea95f5264426b1e225c27cd11_JaffaCakes118.apk
-
Size
4.1MB
-
MD5
55d36a9ea95f5264426b1e225c27cd11
-
SHA1
08f36da845cfa4e78803030918466bb1e8789d07
-
SHA256
6c6740ad4344878c8ceb7df2a88edfbafa530cbd3f2c020408dd572e1aa050b3
-
SHA512
b1250de2b1ad7bcc6a7375e7285832db3a93f5d4764cda5d587d17b122d36094dad0f12970720aa6903b9da1e1f7cafc577ded74d353dd359f980dbc7bd222a3
-
SSDEEP
98304:hBhSDK7VMRDPlepddpf/LU9MiGHNSU9C+76cNvsVZc+oKvDhP:ZSDK5GDtsrVLk4S/+Q+c7hP
Malware Config
Signatures
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes
-
ir.pedar.halva1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
24KB
MD5b4bb44bfcf3cc53a508e547c6dcf0c7a
SHA1dfc5c937c21dc4606256576e6b3a2a7fb00a6383
SHA2561c076c07027aa451b6727e0e007ae35bef7c69962ec1774b5838cf3657cb9e0c
SHA512aa7ba1a2a07b83ab9b0ba5635c5c722ec7fe21f2432ab3e710b707e05bd4bb3547b6edcee8095de395e71eb10471d2fa4f81fe3cbdd5568dcc5af92a8af2e016
-
Filesize
8KB
MD589f65293b07e95d949ee8de8a940e1b8
SHA1ba62f258f78c01a3df0ad910356c7d68bbeacea1
SHA256a097be13d727c2331788eb6d202a5b3824788cfca8b2d1ca0cb7b118df7f7152
SHA5129854dd74b14c1b3f6e9197a99ef200050ebee8bd727ed49a8c144db6ccfe1d2c27b05e2aa9eef2ac1316096fc1d7a35f2de7cef8b56c7556460ad2407f5b13b6
-
Filesize
8KB
MD56b3d43ba733c62c88a0c1fd366e06e28
SHA1d071e7bfbaf1b9d6eaaa8d54d463c984b730086b
SHA256e3e4d117baa40f5b695cbd717415ce13990f82acf78a31642a3dc0dd8a0e07c1
SHA512ba85b61636093e1b7609f5fb21b1a20b156bbd031096cb1169842db996976901ec253400cfcb65558fb7d419790d2fde2ac0f70dd45e2eb3890e88c312155fd6
-
Filesize
8KB
MD5edfee7357000466827290f3b9466eb53
SHA174c77e5e9ee1074826ed6256272239cb79e867ab
SHA2565ee882a45b211245721eafe48e6a5fa0a47c03ce85217bb48c5f7a2848049b30
SHA51231602da5afdd7a0e6f762201c90a9a901822fbf0bbb601f390d69c7cabe4119d1e53d6145592d2e46fa2e611eda4c2c8f588840dd6f213d0377fbcb4b36adbc8
-
Filesize
8KB
MD5ca31ba18af2c81cbcdabc33dbfbc2f50
SHA1d9d59347798e732e104abb82f04938b844a2a1a2
SHA256aeecb64baf2bcc69b7ccf1c95da6ada79f6065b05a5d2f125ebf75d5d3bc7e85
SHA5123bacdd30634d8ec3190515b77550a63d79daa9d7669e6acedd3524208e1a570229820f3e72cce2b14dabfdb6115c45586183a7e7cacaabce4362df9604ec3fcd
-
Filesize
512B
MD5e6dc92afd54799a018ee268d2a560402
SHA117e26146d42eda2a94a03e34f03d962a5e0cab49
SHA256409181e86431fa89245a530620c5629978482ede3618ab31970e6a5d7cae8007
SHA512a81555eb6bdfa842b4594a7673981b707a732745e3d4b97be2b69cb35da356e61c8611f4f1b46e0e813e8a3b63595cb2a57880f27106f7dc987482c2dcfe7ba0
-
Filesize
16KB
MD504110d00727ecc9a3bec65c11bd46905
SHA1f8a82d39e2ae3e185fc7967fafc614e395ccbae9
SHA256e8659805c05615390a80b4c7d77abba63601f0d1b61f192e3c00ec41e2567a8f
SHA512f627d72e195cfba792109aa83d471659baa536bd7361b7a13bda17005df270d6681c0f41915fa288734629238709649a06071128d406baf9245556290aef1cc9
-
Filesize
16KB
MD5f593bc8de46596e175626869a4635020
SHA1c305dddaae921e2b987ea50bfbb882b222a3a04a
SHA25601f91c9e0520e852e875cc584208d3cb138f6d8f05f680bf0cbd4b5b2eb5e2b0
SHA5129ba40d8f31d24802e6b031b411aba08bff2cdb00a759f870487100985b3a647b3aa53c6dec53025e9096c9593f6f5317a6bff5aa8f9a24a99e296f90d8b5f59d
-
Filesize
16KB
MD5e3db58711bbfd0d720d4b345f08dd8e9
SHA1c848910f4dbd8210457b13353f6ee3b40b8db987
SHA2561f727efab2dde946eb33395dc6a5a0829937bd61d1759271c66e64fd968b0d24
SHA512325efab5eba7bd8a388e699294d50d2f76fe242d39835e6341c5dcbb351b95341b77915efd6fef8ac6862b1a2722727d63b2f9f6d9c93b3dadacb0d08cf69cec
-
Filesize
16KB
MD515196aec581871cfdc31c84b57fa8e6f
SHA174ad674665dd0b0694bea4b59f6096b0bd094f38
SHA256729685fd0a12c4686d8b18cec6fe0dda07036dcdbf0a7cc5789a8f4e085a489e
SHA5120703fd51f98581134497aec8de2e54a30625c0732053f5ffa3120bbafbc3b82bf4441a369b36b2a80aeadb3088019b8169f5192e07a23124f0f224f6f2b1e619
-
Filesize
16KB
MD500e829076f54c72b50b63fd6de296a03
SHA1fbeb1b8be863931f98a7c29224a03b89f9616ab2
SHA256c479f839c0bc15e9a9749cb5a5a3eef4e09c0163160073477f72fa78b2e300df
SHA5121c6b0bfe980050072927f8d407ca86353098d03502f7194f141d43c045a3f35103261811281f023262f4823a4fd70659d6802b76e126e991120dc14cdf74bbcc
-
Filesize
16KB
MD5fe9e69bc66fec6c9997c431c265835fc
SHA1ba798d6036145c950686a6d188ab9d788c0f38d4
SHA256c8624e80a207d8fab5a2a0799232b775e103df2904325bc8584e67e3820b2242
SHA5120486374e2176a9048cfdf720d8a3da59626ad1fc7c0dd630a40faa2b16765d16199e05f4e3f3be954f56e5a6418814d246acc73dc5120a03334cab78078d700a
-
Filesize
8KB
MD535b448ce33799813b3e7eaff94bcab64
SHA1f97df02d16811e63ed4cc7ef5fe48b7f66656105
SHA256099cb61d59c301949c75ba186ecc6660b91b9730e571875cd06e7bb2aa58e767
SHA51258dfec702f4b2ea3dc3bedaa9ebb3b14f0aeb2072b63d416d64a89ef23fa08b4e433ccb8bdb840e937aff59c46ef93c409a66cec7e991c2f0e3901892cce8e01
-
Filesize
8KB
MD53521f61838363810574eb38bbc311b54
SHA155c1e478613b687cb3a2a7c332db8ca2c1c5f7f0
SHA256302c138d3c60848d31814b986415f6d036c16d510bce3d6cd99a0f5be8c77a7d
SHA512fd808907d4050450bf87c392ceac3241fbaa6e19a129624c026c2e70430676b0fb916e0c7560d20408c0ba7073087cce42c7a31adb3dd91c998548477f77e5fe
-
Filesize
512B
MD5357cb2675a53d7ca2ad349b3576f1ba2
SHA19bee1c2a8a1791ca7ba347e50f37a47564391e7d
SHA256dfb7bf8722518b7634b1b3f0964e7797f774da01d0264367da0de4d1980fe0b4
SHA5129382cffad2cc300ba74e0dab7cea43d25ec40f842d40e3691bfbe81a978ca0b4c2505ebe488b0c8e140c666c404b30c4014daf8d2fc3150ea585f320348a8a3f
-
Filesize
8KB
MD5fb18739203516e7d02e3b2683f1a815a
SHA1c6b3a25f4d8bf4f5b0cec81dbc23c07db7552422
SHA256b1aedc80ccecebbdb61ed4be6f52619f50f8d447a2a878b56f530e937b7ef7f5
SHA5127a861064e04697ad178d0531b16851c322fdd9a214f278122c42d4b8a2293066e6a39fb58fb3735cc88e28f8522a846a7382ea60a90a302584abee3f2ce831d2
-
Filesize
8KB
MD5504e13dd6b4fe580d7482c81ba06c5da
SHA109bc12b8438cd765841136ca0836179a87359f94
SHA256807246a8c25a84e0cbbf311de9fc9a4c38481476f209699775769baac339a27f
SHA512527949a6b1134cf325d658d7866cc8021b527ba338f44d259792cb88a316f7e7e7521167337676d853035d10f55750a90b959e4ec1ddb7c9c1cc7857fc97caef
-
Filesize
8KB
MD531417918d5e9cb7b869474138ba1deb0
SHA1ad83841f32ec8220eaf521875ffb9ea9ffe37087
SHA2565ed6fd42b235ae1d503274a99414532c6f551da408a67ed0f10ee4238668a089
SHA5129bd0435dfc16dae1c2cb1f186e60ce3a17f1fbf57240c623ec334bb805ed3d3260d86ca4485bad65d3ac7664717b593fbb0551b468519313790ff0d223ce3c75
-
Filesize
119KB
MD5ccc0c1eab906f7cc08a6d6b35edabe47
SHA19e77c691259d22faa2409b8360eb440479b949f6
SHA256244c44cbfa632b986e7d9c25eec6013a3e8e29cc32176e478482d7a631863d12
SHA512e50757582aa3cdb1ee511450bfe576b3c8163d633d99bca7f42f1e33f5bba992c7edd3aa84fbe5aee1488b305c95e214b1a240b68637621e8d479efb47382002
-
Filesize
58B
MD50d210bfb2a0e1f1b4c082a6a0f79de07
SHA1bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1