Analysis
-
max time kernel
84s -
max time network
186s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
22-05-2024 10:59
General
-
Target
670772656ba6f0599f8b55ab6906465a_JaffaCakes118.apk
-
Size
15.1MB
-
MD5
670772656ba6f0599f8b55ab6906465a
-
SHA1
fa1ddc4f94895fef328266ce428e9e7227fcc1ee
-
SHA256
6195fd96c37649ad45891e927eeb550698d0aa1cd59958109bfbf29d6fb26dca
-
SHA512
b96d27bd2f38f714811436df1a97b4a0ce3eb57aa20806507aebf8e3a6d559bad98b8df383359f1a70d4b5fa2576b786471ea8472d41d2f96f76d9fcb7d98a5c
-
SSDEEP
393216:3nJiN6wG3PYRIywrElnKbshM6KXZTrcmlUkR/64CaasJwImES0:XJigrQKywwln6sy6KxrL1QajwzES0
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 4 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.jiaoyu3651⤵
- Checks CPU information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
-
com.jiaoyu365:channel1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
485KB
MD54fbf8fbd1b55db3930771d862b71b693
SHA12e47a482fe3a9b23f86a45b9156ad7e941a4c52c
SHA256b1f08e952ff37ea12e2d40e11f74cc02c441950e81ed68a600f7fc7c75d88536
SHA512418a2d6e0f34fedb86024d2d7c60e05a667db5c5b4db7eed648aa8d44e7abf04901ecf07d1c2b0c4b5c9d02638736210a8a439344fb0e369c0e3060443b8cd4a
-
Filesize
223B
MD561325c994151f3cfa883de307ab9ddd3
SHA1bcbf3c20a21137d493d41ae73ee72c261e69c4ba
SHA2561daa1a2207e50d868f796268f952251b90ca8dea05a66e5b4aedeac21ac7bf36
SHA51279e4891a0a60aa159461bb4df523f89e67b860e0b7c488c92b184d269d0499c979e49f9c78b2c2736aedff92f805f7a434966505d9b62422a970c65c218e5ba3
-
Filesize
8KB
MD5ac16f04fb9f5474ef994693d38e98dfb
SHA136559b84a3086060e5b8fb3c7506813fd6f7dc6a
SHA256bc8793710f10bc371e680dfbaab79ec589300a33298d51160e1d74260fe57569
SHA5125bb1b7606f62585a66b4ab3ded494f2a63295d062bdd102cfc65a292b2fd7d446f2a13fe7d338ca29ff8566cb9e46ae5b85dbd535149538584bb6eb248039384
-
Filesize
36KB
MD56457df83d7f417fd3ad44205adea0922
SHA1dc05449290ced974d82c843a52d7579942007576
SHA256520bf66ab0f3d0eb3de232b8889e5a461437557dd3e2ccf2e5da2332976313cd
SHA512ecf4f332b91c448812e87975f57166996f06dd573c13fa4ad900246b91343bb4416c4e236acf39ce0bb52cc68041881893a032c73c316e5d2364894583f50955
-
Filesize
512B
MD566447e8c58139d7705f8eb2202d13089
SHA169886e12c4d6af8aff3ba8dc0770159083b1077e
SHA25691ef4840d33dd493a098cd8bb61be2e5a85f3ab3ecf1f399fb6c18a9330a62f8
SHA512334339f9e14fdbb7191df4e14ccf60c4b72373f845caa285deb6ec18e31f9376be9160de90f9338c5d88158652d7c6b4e09b5ca6535793e4bfa500e2641372e1
-
Filesize
8KB
MD52820423c7314356e609d3fbc763462cb
SHA1f8a2dee492820ccbcbbbd2ebdf3c07f89ff76adf
SHA256b0c0499d54ee029f790ac00ef40dd14e1f3ace99ed58c8bebf94f5eca701caac
SHA512450640aa60efc98796c9d5d0f297adf4908fe57d18a08527ceeb7bd92637b8a837a43bc26fcc71b5a277559854cc820c96f4ce420e4d78599fe12f2d68552ecd
-
Filesize
8KB
MD5336f6b45994b440c8b008c397ab443e6
SHA16c9f5dbff874ea93c9f1ffd8c06ab7164dee2229
SHA256e056a07b07c0fdfa8c31ebc97e273c553cc457a6c16385927847bfaa86365df5
SHA512f920e60e2ebf4bfad792fc10a625cb0f80f1ec12f77bb37d471003b76a1c793242021f5859e7c94626db973765fdab604e7ba1094d9c3eea3eb0e15cc9a4bf71
-
Filesize
56KB
MD59cec591e3ef91ae568f4cb6e7c2a8745
SHA1ccf756b6b465ad9ad7ff6bfbeb4e8345ba3f6ff7
SHA25605be88f05e9bfd4d6496caab584a704e7956fb87036529a0c8028f1e2bda309c
SHA512f824b3268338787275c184bb740d152d53c1d8e57a044f587530735ef04d021a2671cc2aebb17ae3b497a0ad171060da484a565bfa62d32ed334ae5ffb538f51
-
Filesize
512B
MD5c90f77448a48b6f20024215edbb09d4c
SHA18f08a6d4c45c5ec9a6a24ec2353b041373b6e3cb
SHA256ef7ebefcf2bb9576f6864bab90d980d70e01594330b5a9877954bb0f1c2a1140
SHA512e49202167960797273cd114ab624806dc953f834626dc6ef37891fcc8b31af3b0350ff3e3d9375c383f2953a410418351d97c4717f5a1e532e2ab91bc1e7e294
-
Filesize
8KB
MD543b9a9c2d8e8972ca7971030d613f1fc
SHA11dea57700196cfc7a75c899dc408d29014a72328
SHA2569aa91ab87267594d56e7c651af83db3c0387d24623f9a2a01d0f760b53b348bc
SHA5120730feedb8e329fbefa9942d849cdce128ea210482f8d788aedb291ccbf9923fc2aeb957f1ba222cdaf9ccd62c26473cd1edfcbd07a98ce715e2f8949cde2a73
-
Filesize
36KB
MD550f3d63f4b9241e212be8ec20bf3e374
SHA110353f506f0aa9dfab398275482eb42da167232a
SHA256be9049dfc1751c212273b6e4d07202e47cc7de289dd84d388a27675609056653
SHA512dfc6dc641041edc77b5b77bda43ebbfd0eb6c0f4d55d05a7a914f77c58f2f465e8d29aa7e2c9773ec93a257154a6c779a6b165b8765a214aa154976887d8ff7c
-
Filesize
52KB
MD5f6993c8a2625fd5bb1ffa309eac0a8db
SHA13e3f668efb1f615d00719c61a12c20c123e72068
SHA2566c2a7dac617213620828911fca40fcca0735ec69651ca77163818d593aff9e01
SHA51234cbe5b5ee9a7d3830db3f46c8475743e051e599398a6174dacffb1f597ffeea28873dc2cc61f7b2f15451dc7ec08e62a12bdfc69ad7a636b8663adc9cc2ce43
-
Filesize
512B
MD55e1b0bbc4e78f254af64a8137e0dc68d
SHA171e7b683e36f239cf532d1c452e9084d74134fe1
SHA256e5abe7415f220b56db5c3faad5b912e6287aa0ccd76f87d39926cc5c9cb00a57
SHA512e559427c72b14bebdbf909505cd79ccd0e903643236f53586b91e3a35b7bc03cf3f85cc6654d290fd15733f97a9e4af9a8b0729373b2a52c91a8615546af81a2
-
Filesize
8KB
MD5f0f2c37c3a3068d289e31ddb9e659caf
SHA1ff4634267e87be5d43a58a52533dff15797652f6
SHA256cfb816458196f03c76fd4f7232074a83860d7e1869e85b590e853ce530ac241f
SHA512bfc6b86b81ad31459a66127d4b634082e9e600fb58bef817e3a997a78e4b94aaad171c7ae93ba7dd0486e3ded358532cef1a0aa372cd0ad0e33bd3e61ee9a0ce
-
Filesize
8KB
MD5d610e30c240b898ded749067f32adc58
SHA1798143f34dc3546b30d0fde02fa08b923d3dab74
SHA25678da2ecda72ee09e9b31634b882ec6f83300d5ce92e060d38b42f3ea851a2f06
SHA5120ac274af5a30c483f718900cd78b48245a93fc1d1bd30b4afae3566698842c87ab28a5a42a038f20cc2e4049e37904bad9460267dd8a341806ff72170265ca97
-
Filesize
8KB
MD51b391f2ecea7c76ff61d691666d25f51
SHA12850e478a8ab0881d9167e8afca02ab49152e2a9
SHA25624f8ad5bebd4c01cc021d8717eec3f158ce67fa649eca987695ec1a253762762
SHA51217e6394a22ce8306312fcb877b6d90eb851b9a2fe49e5513364dce783c06374140acdb3de6c01c5841dc831f07f5c61fd0b6fcb3f772aa9c458510ff8df4e7dd
-
Filesize
8KB
MD56f4fc206c6d7d1dc5858b5ea1192215c
SHA1a6f5d4b3727470453f19d488e87ed7618bfdce57
SHA256134a972f6fabd9e178e8bcc192881ff6a5b6ac5ac0a0d938f8641428d3622000
SHA512c5aea2eaa3e96a19ebe90598d4f41e930ea7cf6c647935c50ddd70e9630688427b29319d5c3897c8586fb8f5b1b9510fdb03803f962c5896b8b1994471fcb486
-
Filesize
32B
MD5b351881b55d1840bf66b8c17cfac51b9
SHA17667d09f2fbdd66416133be7738cea09f03c0dc8
SHA256faeaa27a89eea0b96822d1b841da970a2a36072a4e1cb6d83c9f444486e14051
SHA5123ab7d525854f77106482a91489214db5eebb0a2e2a50c170f4940e387a89c9a2a83805495a11a73b0e14006244ec10ce5fe221535990b3117883392817056d32
-
Filesize
340B
MD5d4154086128cf3e6a38e6986eb0618bf
SHA1d39f2b3074eff041ea0b2dc0ef8d471e50c6f3fd
SHA256ac941ea4a05f61d6d91a3de9bacd27e128ab05e83928f343a9ae209cdaaf0b60
SHA5127c5c95eb7a03b361b9cb6aae499f45a4b41aacc451197adccf467713150e8fa9de1f7ae342ae5ff5eb63c513d9a259f81d8815cba559baa711e8bf4f4a4dfa5d
-
Filesize
8KB
MD526d74c4c42115fe72de4482736cadcfa
SHA17a02a1f701688ce7cbcb6322ff62cfbe64875605
SHA2565ff9f91449055274bbe74c4e3c1a97f8597c4d069fb1926ae73460e7770e27ac
SHA51246970b34f9f6b9c35bba6662799fedbba2571dc756b611bd046df12cd5268a3b425d59d1cd639ce432a21fc96e7f7e52b38041489d60950b13e39332d8e01375
-
Filesize
32B
MD5a4b72a1ffd5ce280828b22a607338e33
SHA16ca8eb69712251b4239490fb351c27ec4cfb7de0
SHA2560e8f5a59b962341cfc68077c376549adedb3c8b14e2103450c9403d7f77f8cd6
SHA512b705f1f96fcc383a7948a7f4baabcb21810a55614264b39db78281dcf91b1b733fd5f2378068773312ee88ac9fd18be4d4b78988d4235f9794398219a0297cfd
-
Filesize
314B
MD5924986ac0cb44318ad3bcf20c35c2d78
SHA1d2d3d605240d0d866a31898525427bfacf09e3f1
SHA256cf9b9e2df3e33d8fa41c555e7a48d431b42462fb4e23fb197801e80a3675b2b7
SHA512fe9b152ce0f42db19dcd94b47f7c06945cd5d5b1e856dd0f762cb81e041c35abebb5179088de2ffed7c8ecbf2500fc61a341bb8b71e1b24997b85ded0446f93b
-
Filesize
16KB
MD5d56f5f0e1048e6229d5b0bd987c7675d
SHA12189c6a32977c3e6ef8d25535be0be51e57491df
SHA256e6db638474dea0aa19a5a471740e4be32afd428c316d6f991c7af2895a14641b
SHA512041f4bac52ff95fea59d1078980604fc856090b33226fd7a36bb4eb285bd290fe5e63d9e6476e5b37775d7a8799db8e95c062c405fee963bbba0b5b7e7ad13c8
-
Filesize
6.4MB
MD5f9d922368aa3b34aa8f433f2880684e5
SHA15f300228ed0e54965c3745afd046ff40b812692b
SHA25696d39f052bd44e78746d364f935be20b45dc18ff7f95dc234dab3f40afed12ec
SHA5121850958f0f30953df8c58304dd567083fd842a205291361c570a6a6059200e365ffc8d1084bbd3be9acdb19f71491971ad7fe74dbffabc95f867856ee25c1a01
-
Filesize
3.6MB
MD5f3e528280a8778514f89562d988e5d24
SHA1109cdb07255d1f5b52fb0313a40fd6fc6f8b9109
SHA256880f086ca8d2f831f756bde68d58b9b71307180b0c660a13f7caca0c9da05981
SHA512955f23f68332aff7080ddbd7d0338fedbbacbcdba843a011b4d5501a12162d77f2830f294481629e8048eb464dddf8c9f27948531aaad86a254aa53e11af4d6a
-
Filesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
Filesize
111B
MD5b9c3d0aea68cfd9813551db32d09b289
SHA1d43b7f95a90e3120e716c66a0f71a6e22317275c
SHA2568699478fc58f37029abbd41a1b9f4894c8e839bdc90c1d9d3db77fc93e52d6ed
SHA5125eba0adc69dcfe2ca26dc31f6c8a897309ffc7c76f3a17b365d26c8bd0a2edb2fbd734885574947a90b2b1fbe27e136529962ad0a518ef1043e8d08786ce439b
-
Filesize
231B
MD5d9a59b70b1d9ad6fe1b18aa23b368f6c
SHA135f86e6e9d9f185dcbf99a79899ea982c97da373
SHA2563ce2c036886b311154070cc250b91e04e774984733213bd878eaa2efb17f5314
SHA5128b590abf7f1216fe5910e3d883cd18d6a2f80c1eb2d84f6a76141a0811385a3a56692d341e15107b306121c36c26033d801f029e480e7fd3464efdeac27ea0c1
-
Filesize
58B
MD50d210bfb2a0e1f1b4c082a6a0f79de07
SHA1bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1
-
Filesize
31B
MD58c92de9ce46d41a22f3b20f77404cc1d
SHA18671a6dca00edb72be47363a7071be65cf270373
SHA25668bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274
SHA51230f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56