Analysis
-
max time kernel
66s -
max time network
152s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
20/05/2024, 14:17
General
-
Target
5f85f5e61a0a2f7ca8010496ef55b64a_JaffaCakes118.apk
-
Size
3.7MB
-
MD5
5f85f5e61a0a2f7ca8010496ef55b64a
-
SHA1
225aaa0cd4c204da921beccaacb3faf5bb0f1b28
-
SHA256
0873c5bd24821a6636b4968a74a76ca67294e6e5fa77ae74e98a7a3eca319c24
-
SHA512
a854cabb1ef705983ca2564a6bd355b912e560895c09361e6da294d7a8fb62448b5bcc2cef14b959b62b3b278de12d144607641fb79b2be131e832d75c216124
-
SSDEEP
98304:Xf+In15DPpSnPug9NqGCDDaCXO84xvN40DAM19BBZtQQwUI8hvkVAGwxVdaEbQ6P:P+In/+S9LOlvDhZjpSwLdNP
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
Processes
-
com.firebear.androil1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
com.firebear.androil:pushservice1⤵
- Queries information about running processes on the device
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
MD5520f1d71618cdeee13954e0e2985276f
SHA19fb7f25d41cc9f6474b9266fec77a814bc31fe46
SHA256c19e689506191e21fe98083dbfa41f147b59c629d92bb330836c72797f391caa
SHA5127f8f40747f77efb09bce3c7ec57fa48c2d2c485e5ffa01ad7900b531a33dd7bf384ef8968d309ee04f95a023cf3e2c8bd7ea36c58888b14b32d812c48577e877
-
Filesize
8KB
MD53ac78bd97375442f88859ed96e4cd869
SHA19c80d13eb72210ccb773c1f3b0fae5d5bbd0b5a0
SHA25640aa08f8316a2e13f4baacf510bb6e6456acc2afbe1c5bef59b877b177de3be9
SHA5120da4916f5f2fb527376c1f6c602823232016a48278ce5ebf3880275f37882be3d3cd525523ce1b910791b81c46cd2b3ffe8d6373f748d896090091f9fe3eb1b6
-
Filesize
8KB
MD52210ab026a913cf2af4680b91dfa3e8c
SHA1e0f43fe0cb8d7304bdeedda18d9cdef74e711973
SHA256a8d3f59e37e61049a65e160232d3619c2499880949412cf6c0465742efba4d0f
SHA51237877c59ca5d179e19e221d1821658119fe7d348b4cc31049be98bd084074e6d69b8f308b32017f00814d1938c04f6480a5d33075961db8aa2c28ddacb5dfae0
-
Filesize
8KB
MD5f3b4bf1d1c26f8467c4d7b7b6a56ee2e
SHA19f03a9be224656e8dbe5fd19e4b0731c2a1672ce
SHA256635bf7c4550e9120710d3fc01b35506de90a1809a868d581445d705a75c4f903
SHA512f3566844f35002a882b0406daefe66fd7a1eb4285806d8ef516bb77c73f1aeee1a964a2c7ceae656f2abffdead9dc7828c8c38697db62c5b9f6450709814db71
-
Filesize
8KB
MD54e56a35061345711532fc3c0fcfde306
SHA155cb4683aca650ff3fcd415744d2d3a02c79137a
SHA256acb2832597c4692c0d9e320c414efd73cec0ba8e7d424b5266d1b9cd88b87fda
SHA51262b9bbc7ff31ecd9ec90c933e63320d6cd24e47e19338340a1c7ae05372dedbf84f7bc209befafb5049c3ef63cb09006f3436997c6df7f810c3814ceea846a25
-
Filesize
512B
MD57c99c8efc90c121f2895949c0f964574
SHA1a5888f77675f0b365025c92bda82bb9aeea113ad
SHA2564a87587478ba7f6cabcdab95e04e84d06f28263a278a61d172c6f9a88f131175
SHA51253484afca4f4a20521974544d72f0dac4ec80296d54c66c03d176a353b08be391fdf9c5b702077a42f9e24f147b875bb87295e37e3984632573e99390616393a
-
Filesize
44KB
MD5a3163e292d92c208ce88f65cf92f2acf
SHA1ca8036f6fe086d294198777e3ec0fbf801e095cc
SHA256a68516ec0435086e6b855fb4d2ae70b697df255747071dc1e307f71d36b21a64
SHA512e0bb9b153dbd3ce2d807454afdf572b4f55891f1ba8be718d5e6ead50904247f0a70ced2f04ff8f837dbd29f3d96f2870ba164a4cc65c3369999948bc088287f
-
Filesize
512B
MD536a221a17a464355ed480ccb8d16465a
SHA1a9e07a28227e53371ef1d5a912861136345212d8
SHA2560b906452ca9e6d79033d9882813e297b10b86f0e3bc7c9ca0e1ad11ecf8a5c2d
SHA5125c6eb2717a48066f2cca27ec194c018aab9bc06dad4846f6fae9f0d6baa152fe9de6e52a7417d4fc772eccae6dbd6d8a03dd0e0cbc2f133c582ac1ae9abdadd7
-
Filesize
8KB
MD5138218b4c1c3428da558c2ce2e424fc5
SHA15f376673d70ee1118d19903c0e607e8859e17127
SHA2562fcbea56f7fb4ac7972ae034b79842a43b50694ca5555d24af95806edd39bebb
SHA512e83518fc0a2c1104f7eb1c2dc666bb609a48630f204eea7ba61a1c428559915f03ad0cf3a8c13f5c86534980c9f5ddbd3995cd62e6899d5dedb0a3cb4c9d6c6c
-
Filesize
8KB
MD5d26bf4d7de72699c6ad6f0158bb36a4b
SHA14bbfdaedaa4e8ff8bd0355d62005f32dedb78f6e
SHA25634fac7f9acb4495e760b35524660deb220728602d1ed013c2d13823f41f98ed5
SHA512a635617f39a004af1411c08ce51130b2380d869e324eadeb28ec2d579b364117ea8916548234a0d4465dc0b2016694bebf9b5ead97111a75d5172b557b55e8c6
-
Filesize
44KB
MD5440d74da3ce8aedc322a341e41ae871f
SHA1a0d1e63dc787a300307ff99b71212d50b7f765ba
SHA256f6eb1684f4fd76e4db12075791b64cc635b404a9a3e79a182d532303fe34b314
SHA51219a2190526c2a1b9d72f779608bc4270149e8e0f0a97010cda0976537c1c0d0cdc098741826c3bd2c6d5130950d9b1f728f6be00af07eadea0cfbd7d2d41fbc4
-
Filesize
512B
MD59ce67044d0de2181c37f13bf3e11ec8a
SHA16ad37bfb15fee4bc08506accca1c02654c8d8e72
SHA2563a6274fdf098675806d880ae35c8f4422b9a2af7f5e66a62ff78e016c3589a0b
SHA512aa28c3593685fe07cfaaf3afe9f4056be67d2a78364c633c35dc2e7f12481d93210c95d364d920d127fd66b47af507ae86f0e4cade50905b521b46be3e5ef96d
-
Filesize
8KB
MD5e86166f4e7021d4d4812ec9c1906e15a
SHA185f5b07329267e8e0c2aae032bef942d5660c6a9
SHA256e28a1d5d9b195da55f28a009a3591084922802307ddf6575baa13fcd887f16c3
SHA512d0dc0cc90e1ecb3dd692167de1754cb404c5481ca4bac5c45a7e1cb3d018cc8995f6112dbf9efe298ec5d227c309b32804213b78e74e9fc682a474e2b9c5a760
-
Filesize
8KB
MD5f85787dce9d2b6c798c56b3a4910de2a
SHA1f947e64892b67641c47f09ea2cca0724f50ca741
SHA25635fbb8eba3e8c668be53aabb574ea990875227dd43e08280c8b9fb34e2a7893b
SHA512938657691ec2f8875352e51c4d0fa4f20e7b32ff5f9a1462b005c0292ce2093b5f1121406c382312bda79b648ee1d89d8dea3f28b0c0065d52bcc90f6afcf701
-
Filesize
12KB
MD540155231d803a57f45ec9ef250e976e4
SHA1b0277df99d895da948dfe32542c8e396d3d86201
SHA256164cae64dc23cf99e9cf36591de59b939d3081faed2cb9fda4b921d19d5dcd58
SHA5127efd6b05384ebda8a5bcf2556ebe25baff17c4d47e951b776d26880337cbdf83aa1a0d46f311016812888fd83007fece10b3c3de12dcdaa59bbc2db77e85a69e
-
Filesize
549B
MD526943a3381d92b0114e1f5f797244822
SHA1569d199511f0a056dad29076d55bec621e2a729e
SHA256d2e42cff345786cbde644a9a3328b10293f1445aa4235394081bf3988d04f07d
SHA512494cb1e3ca013b3d4045f926ef4874b21f0ec00248091232c639cb661879036c214e6e5c8e27259d8819851b03ecdb6989d223bc1280784301503799aa41ce09
-
Filesize
828B
MD55619a4a96d322938e8b6dadaa4e5042e
SHA1dabaec793861ba3c6dd225239e9df3a4bb543c5d
SHA2565750d25dca2cc2bf5facbd34f85a00299df30a5b5b6e9bb9453a886adf552dd7
SHA512a6253c4225381fe60b7134c2bb845ab6d78ee79a45e5a2eb24626f7319d7e613f3035ea872a12339676a2e6987cc39ef8e750303b7a35af61f0030a612e05ff2
-
Filesize
245B
MD5c5a8f8e29d06bfe9f66008542460c39d
SHA165e67dd91f74e599051e235242038360d909ee26
SHA25662c96a12954ad1d12afe2dca44b9f5e9b214d45475a43017e42506ae1f9ba3c5
SHA51283f60ae9e94a7efb0fe5515841fb78c7bd5733494439c592550b110dc73ba8aa207e763de075f3581916250955f6dfdeb9cfb0b632c023f42c9fbe040980b2dd
-
Filesize
31B
MD58c92de9ce46d41a22f3b20f77404cc1d
SHA18671a6dca00edb72be47363a7071be65cf270373
SHA25668bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA51230f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56
-
Filesize
234B
MD598294d2339f5af334ec31db7e77de3fd
SHA1251612f277d56718658b868ff97654d353070719
SHA256ccc4a5196910f14e3bd07aefe64e41109e6f41093a6d6adaec353faeb00e13fc
SHA5124f8bd047cc54abe80fb321db3e1aecce74ceb668ea32689f8711fd1e601e3ff02bace9ab9040e7721e3183b122156a162d7458d3a68e4661f74d8eb321813921
-
Filesize
472B
MD5b1aff207bc35483aea7aa6e759c3ba34
SHA1a585096eff48a226567bee43bb310a8c6575a3f9
SHA25616b910c018b7a45283ccdad9fb5ab945babebf7921b9a3c466207f2545da5bf6
SHA512efefb3fa89799ab654153fe193b2c2510deb21aff8f8533a22c7e1dc8a581a67fa918232a5af48ed6eabd200e6ef7a5363b0619a50aed3f101a3b8ecbe32f4d1