Analysis
max time kernel: 65s
max time network: 153s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 22-05-2024 17:53
Static task: static1
Behavioral task: behavioral1
  Sample: 681b10db9feb43c1da1cbac0a81fd195_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: 681b10db9feb43c1da1cbac0a81fd195_JaffaCakes118.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral3
  Sample: gdtadv2.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral4
  Sample: gdtadv2.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral5
  Sample: gdtadv2.apk
  Resource: android-x64-arm64-20240514-en
General
Target: 681b10db9feb43c1da1cbac0a81fd195_JaffaCakes118.apk
Size: 10.9MB
MD5: 681b10db9feb43c1da1cbac0a81fd195
SHA1: 25e8baa5433c2657082638d5a6abd5a735c04a4c
SHA256: 2fab85457935f7da9c8dfe30ba4e7faf28a38c8ef6ae56ccee4a13d115541e12
SHA512: 60af10603aaf31d7c8c75d3260eaa56010fd054aec64a1e7c827a4786b6065fa8a647f3ac989498900079c6c1067b702b09e4331a68fc080f28a3c6b7b435714
SSDEEP: 196608:rUNL7MAc/9c/Y81xrzBDDhtkOIcH2L8Dl1mFdF8d8F595O:r9lcrxvVDhtkQHFWb8d8F59w
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoC)
Checks CPU information, which indicates whether the system is an emulator.
Processes: smskb.com
  description: File opened for read | ioc: /proc/cpuinfo | process: smskb.com
Checks memory information (2 TTPs, 1 IoC)
Checks memory information, which indicates whether the system is an emulator.
Processes: smskb.com
  description: File opened for read | ioc: /proc/meminfo | process: smskb.com
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: smskb.com
  description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | process: smskb.com
Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: smskb.com
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: smskb.com
Queries the mobile country code (MCC) (1 TTP, 1 IoC)
Processes: smskb.com
  description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | process: smskb.com
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
Processes: smskb.com
  description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: smskb.com
Checks if the internet connection is available (1 TTP, 1 IoC)
Processes: smskb.com
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: smskb.com
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTP)
Reads information about the phone network operator (1 TTP)
Processes
smskb.com (PID: 5194)
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Downloads
/data/data/smskb.com/files/.um/um_cache_1716400501889.env
  Filesize: 558B
  MD5: a9cfdc436adcc5083b14e9edea85e6fd
  SHA1: 0506a788e6889c90e58dd96f8d177dbb7984b131
  SHA256: 935465c6837a1869a14b6f4f83cbe802f99da6e593b404819139c4ad1acb7217
  SHA512: b6e1ee8391a7e712260ac96567ace665095dd560ff15186efa2151f7d54a7a41dba615aa24363885439274337c92860136b94fba216dde9bd418c5a0b5bea5c2
/data/data/smskb.com/files/umeng_it.cache
  Filesize: 245B
  MD5: cd7007c75a1472b47db1f7b1e0da77f8
  SHA1: a38433c8ffc02c8e4e02975a2c313e85afb1afb2
  SHA256: 34f014f212526d0a0700387b3ac0e71f085568c7968f01eba6b7dfa9c75063a5
  SHA512: 56d35033aed86f0881423ab796a04dbc9f2793ce7a7c36025489bf898fc61decee04feeb884c780336d490f104634bad71942b64b96cb842b9486c1bc334c508