Analysis
max time kernel
26s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
submitted
19-05-2024 01:37
Static task
static1
Behavioral task
behavioral1
Sample
57ec1dcfd28d9c98814767636ed81540_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
57ec1dcfd28d9c98814767636ed81540_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
57ec1dcfd28d9c98814767636ed81540_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
57ec1dcfd28d9c98814767636ed81540_JaffaCakes118.apk
-
Size
2.0MB
-
MD5
57ec1dcfd28d9c98814767636ed81540
-
SHA1
9f742d1c784147cec66cd2291ba100b4ad6ee1f2
-
SHA256
27e9e232c515693f9d97c999b6de1f047caee952ba3390f6d4bae85902d56705
-
SHA512
76ba55424b13716856c66d9a5d0a08f27803987f70102f7de428596d8ab3b495e0d7481961e49a2317cbcd5cbcf4b627ca38acafb660cb4a7df99a1e2ce23ec9
-
SSDEEP
24576:y+ERmdINfj73sE0mE7Yu4lqWEtnuMKOsCS46shzEZpgl5rdFo9Pu98LLUMQXen1n:y6IKmBuSVEtnuXVsh4ZUtXZ0QC73Zdz
Malware Config
Signatures
-
Processes:
com.lynxar.trapsandtreasures.hack
pid: 4612
process: com.lynxar.trapsandtreasures.hack
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information that indicates whether the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes:
com.lynxar.trapsandtreasures.hack
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
process: com.lynxar.trapsandtreasures.hack
Downloads
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db
Filesize: 16KB
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db
Filesize: 16KB
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db-journal
Filesize: 512B
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db-journal
Filesize: 8KB
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db-journal
Filesize: 8KB
-
/data/user/0/com.lynxar.trapsandtreasures.hack/databases/evernote_jobs.db-journal
Filesize: 8KB