Malware Analysis Report

2025-08-05 19:13

Sample ID 240519-e7c5naaf3v
Target 58904845d7ea5efc0b3b73a4c1cb66bb_JaffaCakes118
SHA256 44992789bf1b883674470f68fafa1a6e34f74f86b424bd6164093d460247fb2b
Score 6/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file 58904845d7ea5efc0b3b73a4c1cb66bb_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary


Declares services with permission to bind to the system

Requests dangerous framework permissions

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2024-05-19 04:34

Signatures

Declares services with permission to bind to the system

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Required by input method services to bind with the system. Allows apps to provide custom input methods (keyboards). | android.permission.BIND_INPUT_METHOD | N/A | N/A |
| Required by text services to bind with the system. Allows apps to handle user text interaction. | android.permission.BIND_TEXT_SERVICE | N/A | N/A |

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |

Analysis: behavioral1

Detonation Overview

Submitted: 2024-05-19 04:34

Reported: 2024-05-19 04:37

Platform: android-x86-arm-20240514-en

Max time kernel: 7s

Max time network: 130s

Command Line

com.jlsoft.inputmethod.latin.jelly.pro

Signatures

N/A

Processes

com.jlsoft.inputmethod.latin.jelly.pro

Network

| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.212.227:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 172.217.16.238:443 | android.apis.google.com | tcp |

Files

N/A