Analysis
-
max time kernel
67s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system -
submitted
22-05-2024 22:49
Static task
static1
1 signatures
General
-
Target
68e694069ac9eff516dd529aafdff454_JaffaCakes118.apk
-
Size
1.3MB
-
MD5
68e694069ac9eff516dd529aafdff454
-
SHA1
432bafd9f4316a550ea203c047e3aa873f2e7918
-
SHA256
0a3b9cd83d78d23394533136934e221aa1371855572f93b4e6af8f43858db72b
-
SHA512
be436a85cd314a7ac1fbacb28d321a05b1a4eb7a0672eb7ecac8529dcaa390310e9eb565389f7e0798c20def82353c528a07bb1624e937b4e5feb9f34b37291c
-
SSDEEP
24576:zcg5YSJo6ht5q2M+GIyjfShDbQU7nFjk6cvq7LBfLEk2fjodFPRXcko:AMYSJXte+GkhP7x/ciJLEk2cdjFo
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.shootbubble.bubbledexluedescription ioc process Framework service call android.net.wifi.IWifiManager.getConnectionInfo com.shootbubble.bubbledexlue -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.shootbubble.bubbledexluedescription ioc process Framework API call javax.crypto.Cipher.doFinal com.shootbubble.bubbledexlue