Analysis
max time kernel: 7s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 19/05/2024, 05:13
Static task: static1

Behavioral task: behavioral1
Sample: 58b7ab621db29fe7d87d3e3dbd29193f_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: 58b7ab621db29fe7d87d3e3dbd29193f_JaffaCakes118.apk
Resource: android-33-x64-arm64-20240514-en
General
Target: 58b7ab621db29fe7d87d3e3dbd29193f_JaffaCakes118.apk
Size: 8.6MB
MD5: 58b7ab621db29fe7d87d3e3dbd29193f
SHA1: 4da9cc24cb61e32e6ec00f9afdbd9a1b7cc7d913
SHA256: 6794421b8e26d4719999a973dab9e5b6629edbed29261c612f101ddf8a4393f3
SHA512: 042784aa165bab55772161f6eea49416308445edda2f94c3136faec19ebc0367a84af3c3ebab493c00cf9688c8b209360979586058fd6f3cdb4b1bfa92ac3bf7
SSDEEP: 196608:NfDLYKTuy4f6e59L/62XembLV77Tsq0m2DrOJApo:NfDVTu/42umbl7gLyJko
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
1 TTPs

Queries information about running processes on the device
1 TTPs, 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
description | ioc | Process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.jzyd.BanTang
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.jzyd.BanTang:pushservice

Checks if the internet connection is available
1 TTPs, 2 IoCs
description | ioc | Process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.jzyd.BanTang
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.jzyd.BanTang:pushservice
Processes
Network
MITRE ATT&CK Mobile v15
Downloads