Analysis
- max time kernel: 71s
- max time network: 170s
- platform: android_x86
- resource: android-x86-arm-20240514-en
- resource tags: android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
- submitted: 18/05/2024, 18:42
Static task: static1
Behavioral task: behavioral1
- Sample: 563be9d447e3e5869d2dd8a32b8620cd_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
General
- Target: 563be9d447e3e5869d2dd8a32b8620cd_JaffaCakes118.apk
- Size: 9.1MB
- MD5: 563be9d447e3e5869d2dd8a32b8620cd
- SHA1: a19ee3a6fed6a6e2001bf726354e7ee9bb9f020e
- SHA256: dc0d11cd1c7dd91c41e989af0f375f591b7f09e1121f88c71047e0fc761049b9
- SHA512: b291dbcd7813933f7f3dd1105168d40174a72274fb4eef072dc0122cf7c6d7be25fd48ecb4837f8e6801119aa09da53d58ad62e7209d716f551fc8ceddaa1665
- SSDEEP: 196608:ZBBF7GJ0YHgKQP4ZTRKatBhO8/3rn7cKHUiIhJ8MeB6h31k:ZZC+YHgBudtfO6zLIhJeB6hi
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information which indicate if the system is an emulator.
  description: File opened for read; ioc: /proc/cpuinfo; process: com.youku.tv
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information which indicate if the system is an emulator.
  description: File opened for read; ioc: /proc/meminfo; process: com.youku.tv
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.youku.tv
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.youku.tv
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.youku.tv
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.youku.tv
- Reads information about phone network operator. (1 TTPs)
Processes
com.youku.tv (PID: 4236)
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Downloads