Analysis

max time kernel: 177s
max time network: 173s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 21-05-2024 21:37

Static task: static1

Behavioral task: behavioral1
Sample: 64d9597adb9df9f9639d679625ce44f0_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en

Behavioral task: behavioral2
Sample: 64d9597adb9df9f9639d679625ce44f0_JaffaCakes118.apk
Resource: android-x64-20240514-en

General

Target: 64d9597adb9df9f9639d679625ce44f0_JaffaCakes118.apk
Size: 1.3MB
MD5: 64d9597adb9df9f9639d679625ce44f0
SHA1: 0995b131d1caa8c08ed543dba50248cffa019ff2
SHA256: 23017cf18a4b707769ced016570ab097c5561f742ad9511a3d2f4871ebced3d6
SHA512: 0c42c5a2fd4ed2dd1522a116ac71f227c72df0fadfbad65e46078e996908fa9dfc909eefa7ab4e29adff430c10d94c23e14fe2907d7b934e612c083682e8d7d0
SSDEEP: 24576:OoL0otaYtXMheC8X3lUKfcfIkuovSp0ojro+H8j/qZq/13tdHbZKm51Ob83L:dQ7YtbX1wvTvSpLjncj/qZq/1XHNKmjH

Malware Config
Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information, which indicates whether the system is an emulator.
Processes: com.vpkv.iupn.kond
description | ioc | process
File opened for read | /proc/cpuinfo | com.vpkv.iupn.kond

Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs executable file dropped to the device during analysis.
Processes: com.vpkv.iupn.kond, com.vpkv.iupn.kond:daemon
ioc | pid | process
/data/user/0/com.vpkv.iupn.kond/app_mjf/dz.jar | 5196 | com.vpkv.iupn.kond
/data/user/0/com.vpkv.iupn.kond/app_mjf/dz.jar | 5276 | com.vpkv.iupn.kond:daemon

Queries account information for other applications stored on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect account information stored on the device.
Processes: com.vpkv.iupn.kond
description | ioc | process
Framework service call | android.accounts.IAccountManager.getAccountsAsUser | com.vpkv.iupn.kond

Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.vpkv.iupn.kond
description | ioc | process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.vpkv.iupn.kond

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.vpkv.iupn.kond
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.vpkv.iupn.kond

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: com.vpkv.iupn.kond
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.vpkv.iupn.kond

Checks if the internet connection is available (1 TTPs, 1 IoCs)
Processes: com.vpkv.iupn.kond
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.vpkv.iupn.kond

Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)

Reads information about phone network operator. (1 TTPs)

Processes

com.vpkv.iupn.kond (PID: 5196)
- Removes its main activity from the application launcher
- Checks CPU information
- Loads dropped Dex/Jar
- Queries account information for other applications stored on the device
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available

com.vpkv.iupn.kond:daemon (PID: 5276)
- Loads dropped Dex/Jar

Network
MITRE ATT&CK Mobile v15

Defense Evasion
- Download New Code at Runtime (1)
- Hide Artifacts (1)
  - Suppress Application Icon (1)
- Virtualization/Sandbox Evasion (1)
  - System Checks (1)