Analysis
-
max time kernel
15s -
max time network
185s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
21/05/2024, 03:39
General
-
Target
61e980a310a4e6df667681379c218df8_JaffaCakes118.apk
-
Size
14.6MB
-
MD5
61e980a310a4e6df667681379c218df8
-
SHA1
43ef9598b930736d34de617ad416d9acb2219c0f
-
SHA256
e36e236e1f4fdd65157d36b082898304adc9cf5ea428592ed56c9c71088f5e07
-
SHA512
4078e5937919cb79a799d251949e9a009cdcf5be1f7358192e3ce850d13856737cf8cb129ce39d96cf1a2effe38b92160c7802c51d1e101f81257375abd4bd2a
-
SSDEEP
393216:gg1RNZpgOP0sn7BIwBKBq3jLbr8ey0yiT9uG+IF0cg:hjgkNCqzLbrby6hBpg
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks Android system properties for emulator presence. 1 TTPs 2 IoCs
-
Checks CPU information 2 TTPs 2 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
Processes
-
com.storm.smart1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
com.storm.smart.mjsdktest.service1⤵
- Checks Android system properties for emulator presence.
- Checks CPU information
- Queries information about running processes on the device
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
3System Checks
3Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
512B
MD5a053dbd1eb39bf53b99c2c6fe00ff833
SHA111ce145fec06c08b1681d7c763e1a28f748fc289
SHA2566f80d01759e07b0ef18f1edc0399b36a938a2338a9b7d58fd11c91be613d0deb
SHA5128bffba484cb7b3f9f52d44a1d14eb6fb430183740ea43ae3205f2df17ce8087f83a57303d9c946e8f7f519f491add09d8f44f0beea910ef8fa80773604f03d15
-
Filesize
1KB
MD56571dc26e5e01088571a15346fb46e6a
SHA18433dc252bbdf915bc645225425271081612e75e
SHA25667041c3a1ab24fb5bef3b10cbd7690ba88fffe41c24696a221780f95ebd65e7c
SHA51226c308e7c1e65f9b1766d82557337a5ad9c823b952fcf27036794db24f305d38564dc683c9c0eec0802115c0f174e1427e9f4f6ddbe1a3bee62baec7043e266c
-
Filesize
133KB
MD58edc31e70300d59a20b23cad0c214814
SHA16e61cb2f1838bcfaf6be530027d51e9461e7ac0c
SHA25631dc11656dcc541ae85bbfea8adc7bcea33ae4c2bfca4e86320e3223412bb2ff
SHA512a2794d60896b2b3273844659bf2939499efef99d5501f72861d1e43dbe843277d5c7bc0abd55a5fef018613cf5180e98dbd3d351d4e57c3652005b51fb38ef1c
-
Filesize
152KB
MD5244aad77e7a9703d470394b8ac23a6f4
SHA1a0a9f2315175476aec6a668642ace1980ba61a47
SHA2565d397455a6c01bde751f0dbbebd4eedaf77b9520097c80348728901a610e907d
SHA5120bf3e449b57772eb59f48ce33e4f9b5ab4cc0bd93d249f3fe7e0b2cbc11ad1c05ac569916abb076b3ed91b0c80d78a5a3d95a4d460a7642739953bf35aa1726d
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
169KB
MD5f91a65f6fb15bf5e9a80c137d5335f53
SHA1917d77b86f8cd9c3ce49ddbc40584b558da717ca
SHA256859e3afcac9ce65cfe298d2ac7e2d1f99061c41196c8d429fd6154c5a6fc3b2d
SHA5124b1805ceb31d83065ef1d9d9baab885de2724f2dbd98d94d3ee9eaa5a45d087c0186550ef87b1dbf74ca25eee087b5da0beea5f16411132c9fcae886de7ce9ca
-
Filesize
164KB
MD5fd8955068fe7527b2c73b7b7764b667b
SHA11dd8f7bd06a31f6718414f3902c1e7bcd0caa2fb
SHA256e2ce0ac2e9741efe2d7fd2625d2eecbe17d4a4405aae29d765fc25b977f66a92
SHA5126c3638f74e439f398a304fc8d467313688d9b17258872800219c654fb75171335b258a4eaf119a9cb62d695dacca99e624caa23df052788b876e341fbf8bca9e
-
Filesize
133KB
MD534bc9acd86f074f7d0c1f6b97379a092
SHA16c398b4748705044952d46938daa7d07bae78e06
SHA2563134853e1bbe1de866b1a8ec6e75bc59f7743b91051e695e967a6869eb0cb08f
SHA512927a92ba2c83f6add6cee3db84178762114a15232e69eb0324b7bcb906c39d420ddfae7da1768ecee5ba55e6c687df0d997dbf0b4cc2d70909331b11cf286164
-
Filesize
11KB
MD598cac081b294cf051a350b767e21652a
SHA14392d6612dcf5860c935a33433b83179042b0844
SHA256715d053c057ff315e3b40db7e020709c0e80656f8c85fd425a4cb98feb922719
SHA5120245677c105065953bdf2f9105311af30525edd3f46a3447097a4ec527cb9b9416bd2269d02b7f21d1191fb93e47fe3d5d4a0bc9796ec420b8eb41b4ac5dd411
-
Filesize
15KB
MD5716870490897fffb3ff8d7fbb65ec00b
SHA11d98864c3d1d9079f747966e70c257a7eb3bfc35
SHA256d9d878fde0f17179e7edd0b88c2f7f105f9df1f2c414fcabd72e9af5329a8bc2
SHA512c7bf1aa1977622ad62b2ba5c1310b026a8ebfc0740652eaf2fc275a3ffa731cb521805ab8f4444571a99a0cd691832edc81ab925dc6b45b1da3776aec7b398b2
-
Filesize
277KB
MD56eb64f46c798d44ec2589d0e1f75d6bb
SHA1fb1188e283b00e284926f2b27edfb28fc6268eb9
SHA256d2672fc7b57277c9410709faede936f596aba5cbb18a3999f982be666b14901c
SHA512ddf4bf6b9e535d0c45ed747ec68b3b639199c3252dfc31e97cb486a8b97e96f122adb76ead3af82bef8923ae95962d48eab208f38aafc6a8382cd42ee47d0d8f
-
Filesize
93KB
MD56e1f61622e874aeea2b1d80a7bd8c81e
SHA1b036db3cb693e1999e5e704dfb061d2ea3f7fc19
SHA2567ef8a728ff297d9bddde03cd86b9f10d27936f39df75616f0b40e6d98132227b
SHA512566cae16cc30569d42a67186f54b54696aef09665e6d6830abf097e3979a2cbe586cc330f44f89ee6289b607b45e5868a5339279e75fefe495d00860a55ea5e1
-
Filesize
313KB
MD51c97b38f2e8c2002460ed712b08d0a63
SHA16c7ace74e3f4bdb871f90199fc15dcc951cc33a5
SHA256461c8b2878000bb7c79833dd3bb5462b26b1a465d93e2dbec0f68de3affbab17
SHA51274b48e0a03b9712169834f6d8b8ac07ecc90a0d65acb7a19c87dfc9f46498144ac7676d66a0c857803ff0a190b679a875e4390060a4ca8455b04e977b35fb03d
-
Filesize
4KB
MD5258cb463328b751dac4d15c8a59fe96a
SHA146ffb49693d70fe729183881681380331137ccaa
SHA25621e1f7fec2b3b86308315657ed1dba369fd7e37e4a10a175225be749f31e574a
SHA5129b63067f26ce38af3a1876c8335b67b633a068f17f0a9ce584faf3bbfb8646f998a13511705ea0e2e133677bd1ccc81de260902aff916d16c1cbcc06493106e6
-
Filesize
6B
MD526934eb377001f66e37289a5c93fe284
SHA15f5f8758f5f22d523e531f58123b6db9161683a4
SHA2565d28a90f4498a81461efbaf6f628a19d9778390bb5c81a393dd936181cc3d826
SHA512ec04cd9ec60383f0f8c073dfdb90892c5f6f190777feb969d5345db51fd95e651559135c67ba9a5b0a5343579e3342bf4f8ef05502859f87674f12d2da1d2368
-
Filesize
9B
MD59b1751bd331d17d4f91c2c61c1d43560
SHA188c2e0b30e1f0e21504444b3bba190b82b1a898a
SHA2565dceaeceb6d8a49d3665594710ace68dfbc1800e2d663d7febb302b4dbee3d27
SHA5121ca9e58c1c9aa38ef48f4605d96ab91ac240102fbf5d6a6c3b056855c6a2d22ace5c181e5341951d3ac70b56350ef4a0d01509e49827563fa3e0da92fc6b5951
-
Filesize
6KB
MD559f1458062d22061449017076f59d246
SHA156c2bae2f38bd42e195c4572c4ca0b046f4f33d1
SHA2566bc0590b03701304da007ff2b507f01b3816863a4ce8f410879a0043ea268e12
SHA51209313814f613d48119fb7991a25a17a3fcfbae6436f4309e792047d5bc1114ccf058d080489aa1e6fea90169f7b490f7a0663685afee4f4199489013efc07af7
-
Filesize
1KB
MD54cb1550e9e022795def646436d416dc0
SHA1f43dae6e23c3ea5381b1092a6be8f3fd4af23812
SHA256cd8baef7013e81e4c6249d0648416e7d154af460f64cc5cccada7ef2290bbf48
SHA5127093560014e59c23f179565b452837e246703c2b1ff08d827dcb2cb47162bfc6c88c55e967139383acb75c114d1fdd3570594c154b2310e9a9d894de16a5a16a