Analysis
max time kernel: 7s
max time network: 139s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 22-05-2024 19:17
Static task
static1
Behavioral task
behavioral1
Sample
68540843979bfc1cdad23957d1b54cff_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
68540843979bfc1cdad23957d1b54cff_JaffaCakes118.apk
Resource
android-x64-20240514-en
General
Target: 68540843979bfc1cdad23957d1b54cff_JaffaCakes118.apk
Size: 10.7MB
MD5: 68540843979bfc1cdad23957d1b54cff
SHA1: 6e9430d3920423a90d9ef560ef7f57a39ea9ce54
SHA256: 28631b5c7e1f701e15adfdd23c029023af681d8ad7f663846f83f4391a2b0243
SHA512: 8f715de81547dde9bbf1ce71bd346ce2f5d1b22b9c9fa48a883860d31d4c2202fe872b580dc152a7672aee1cab068b8e19b8190ad9a06fd2a7b9db79249f3994
SSDEEP: 196608:7XjoMqwCxKEbA7tpDfvVbDSrtgZQpmP/KQNwDnEzjm48UL366XUPvh:7XjoMHCxKy2ztSrtgZ1P/P+nmV8ULVXe
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoC)
  Checks CPU information, which indicates whether the system is an emulator.
- Queries information about running processes on the device (1 TTP, 1 IoC)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes:
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.hsgene.goldenglass.activities
- Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes:
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.hsgene.goldenglass.activities
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
  Processes:
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.hsgene.goldenglass.activities
- Checks if the internet connection is available (1 TTP, 1 IoC)
  Processes:
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.hsgene.goldenglass.activities
- Reads information about phone network operator (1 TTP)
- Uses Crypto APIs (might try to encrypt user data) (1 TTP, 1 IoC)
  Processes:
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.hsgene.goldenglass.activities
Processes
com.hsgene.goldenglass.activities
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Downloads
- /data/data/com.hsgene.goldenglass.activities/files/.imprint
  Filesize: 1007B
  MD5: 17da5dc91a6aa0102ec61f46f6ee1919
  SHA1: 209b6af2623a5b51416c0f8d6ffff7f379ab9496
  SHA256: a5cd08d9cf004a05cb3ad2727105563ea334008900aa643adb0d98d1afdf2fc8
  SHA512: 8c3892797899ff6f63ba3b01932fb46badfe5dcdb3fe5764de146986f00a6412138c003f1f23778436e32db552e18e0304ddb2b1dbce6ebcb43dada5ad8608d2
- /data/data/com.hsgene.goldenglass.activities/files/.umeng/exchangeIdentity.json
  Filesize: 162B
  MD5: 09a4bc21f94bc421ac6c4f996cc5ed41
  SHA1: 321e3f532c4840c4dc09e7faa25116401ea7f689
  SHA256: b0b631ed9199ad739fc8f66aec4c00e479bbd330bfe37910d2f19ddc58bbc628
  SHA512: be4a5d0a47398e5862324b10fc5dfce3f67bf27f65279ed899408a60fc5a2703a595ebc34262f6153759371375a7c665e832ed4da89f00fb26470b79bd8f20c3
- /data/data/com.hsgene.goldenglass.activities/files/umeng_it.cache
  Filesize: 415B
  MD5: 90fda3532e4fec1a03ca3c2d905cad06
  SHA1: 8addcaca3efbc1869628825d158de44cdf442273
  SHA256: 7084dd53535b58b35e6c1f659ff05436ea2e4d46bd584170f4f735a1751a2cf1
  SHA512: d65c200e5518f77ecb98a12e197f86b9671bf96503ee22afd54758c3db90e57360b242db4cfe2dfb1fc589fbc722d55cdc8c43548b34eafcc0b1940d1c71f58a
- /data/data/com.hsgene.goldenglass.activities/files/umeng_it.cache
  Filesize: 211B
  MD5: d8358ef2c6026348075e64bce7c0994c
  SHA1: 1a7818433a5063fb87fb4e70267025a515a70e66
  SHA256: 2b46a1cb413dfb3a9c538adb3da9ec951d5c9eb7693864b3166010e006405e88
  SHA512: cccb6505127b802a98406ec0fe4bf5c29094c498124192052ef9ab0885d0ed2d93c648472517ab5295e34f9d4b6ecf240590e1a3f548f4d3d284cb4d5b39a67c