Analysis
-
max time kernel
179s -
max time network
189s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
-
submitted
23-05-2024 22:22
General
-
Target
6c729ecaf3a1413cbce2cbfec9159014_JaffaCakes118.apk
-
Size
11.0MB
-
MD5
6c729ecaf3a1413cbce2cbfec9159014
-
SHA1
5f9b43b8228bbbff6e7891785eafa53f77db424e
-
SHA256
084d7d0f0f3c8378127fc27e4fa104f64c4ccbe46890718a6835fd3dfc012fc0
-
SHA512
77c7bd7ec44ebf81972eb000f3dce38991548d04d3c74423fbddecab1a42ee233319e12b53230bbeb366052669da2b6480c0b8d170969b8cba01a70ac4d64308
-
SSDEEP
196608:CmdJifUPeu1S18Hm9Oh3G5lV7ejQAQ1n6AA+tQ4IgIKl6iUobxJBOobxJ2L:tdJioMgV0l9ejQAQNA4ZINKgGZJOL
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 3 IoCs
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Checks CPU information 2 TTPs 2 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 2 IoCs
Checks memory information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Checks if the internet connection is available 1 TTPs 2 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
ibuger.jiedu1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
-
ibuger.jiedu:remote1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Execution Guardrails
1Geofencing
1Virtualization/Sandbox Evasion
2System Checks
2Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
36B
MD537e8e716e0e2f4a0b05cd9571d95b84d
SHA1f8d068f6931707bddb8cd69f706f2224ad1fea3c
SHA2567080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca
SHA512e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6
-
Filesize
20KB
MD58b764288e5b03915523b257bc39a11f7
SHA1783ca102effa2b92bd1fb3cce9c2ea0d1594942a
SHA2560c8b1c78d80c381d25def8f85ef795827fd263b2e1cf5febd4f81417c2f2af24
SHA5128c7da795855d39f32776e36d0b825e4073961112ce142dae1b82b18842979ab8f5468325498ae3da0f1d504ea0eca8c4b3c13f60a6c6a624d9f02a9e3de20021
-
Filesize
512B
MD59083bf107da4bcb114c483c7b40cc07d
SHA1913e7e63f82bcb27db343c5730cca01542677599
SHA256de79465fa1c5800eec6ea7a162aa3012cbb7e076df2b4aedfc26efc3d216cedc
SHA512f2e9aeb1e02531a3bcd18da088f10df59fbff9310c16a287c7f950606d7b03904a6e81c57fe0f728ba3947891e9910a0e2ed36fe8d89b43ae5e5974262d09bd1
-
Filesize
8KB
MD55792517792649ca9de68fd26e1f14201
SHA1f3de17d1e8d06e79d0105db51ec55d7d382b8b51
SHA25681c22e858399aed2a053604c213b02eedeae8429dcfe3af363c2ed612253d3c6
SHA512f0c81f7bc04446463fcd98c318f7dcf3ad9d40e44b1d19359b8cc2428dec813694925ef6d00ca413769df3c69726b62a47956d776d0a73c97232bf6f17f16f87
-
Filesize
8KB
MD5bd6c93ff481513f776a4190504321d80
SHA1794ccbe3db9dea9c1ce51a56e5cedb83a3bfe06b
SHA25633c2f19f2a47a58fe5db0fe577fc70dfcb4ec86e7cc70a28018d43842454fd80
SHA5120e8f89b84da5b7e08d24cf1d9e9a9c2725655733d72db713471fd882dce7bc1ce2dd74128760fbefe4f8b51dda1fc1fc79953ec2653454132dee030e3f5b0a60
-
Filesize
12KB
MD58a67dfeb155586a37f8c5b6b952413f8
SHA140f11415d844340faaf388ba0d3925d04af7ea7d
SHA2564335f808b8d470cdda2a9a94c64edec10ca7c397cc58318c2a53122a4a4a9668
SHA51253d00c4ac9c41c0ee5fe5dbf5ab34eb6ad2387b92b1ad24b32d48b567e3ce5144a0a3cd683b04f865729605a890323564f32585e6810c6819bda7cc8b057e606
-
Filesize
32KB
MD56e4214ef0b0688d98d2d55928c480f74
SHA1d8b253642f6c6099c5a3f3e08036ed314b7b3e68
SHA256997e402851c6dd95b11b115fc051d811028945e9f56d8ada6c9480251b582a56
SHA51214dafd041fe7bafbbecb8cb4da2cec66f97e1a432386143910af3193fcd463111586fa1478a2bb8fba432ac0874a160641cc504dd1e00f184b77880cf8765635
-
Filesize
8KB
MD5bd5da6e50716863da9782a871fb52c39
SHA1ddf0240409531fbddd5c841267f12a002ec84aa3
SHA2564ebe442311d756e9b12b550348f373cba814621b35b23dd4a378c14d6ed7b416
SHA51239b3790be90b19ff8a44e6aec0882293886e5f891cbbfb3c4103a446ff661e88c7815e457fba140b8cf59950b5263831ec0c4cfbabf14b6db86015401e24ca14
-
Filesize
12KB
MD57288bcb54b5b8bc9101fa8045f5b4ab5
SHA1e30e4f62287e8d37d0702327ea0c4baaeaeebe9b
SHA25659b1a3b9c8afc66b29d0a5198462600d3c953d89eed168a01f2d4417bdbc494a
SHA512b7e60254dcd9b502805dab7f41f917395c17740b199f038d1cf56579612b807bc77807c8c2fa72b0655047bc720f26aee156ed1b04d5f46fbe9a62844f4b30be
-
Filesize
8KB
MD5f1612fe4d81d71cd7748b952b2394020
SHA19da8517335c2e0c265cf7c068021ddefc50c2ca6
SHA25606e7507a6bcc87331f3bfdc038cd92e07987e538d2e4bd1c721b192bb18fb680
SHA512c55a92874a350a3e8b5e23c7f42f96180b8f37b117cdce6e57e83f058ba307de1158839cddfd177fb6dc3a52c9f02f1bc1bbd2c9713c06fa38295ded602352dc
-
Filesize
12KB
MD57b875befdb634c496da1a0066031cb0c
SHA1e5d5ec32df23beb4536583af021ed9f12f7916d0
SHA256de69a8706cb59ab3a24ac8a3ed55041e010c78f418893b224add9c0edf18be95
SHA5126ceaf2421eac7d930103e45233f7c4624c7bd3ab54709ebdf51c261d88604fb0af9219c69cde0a01ab0d95749becf51b7607c2f885ee3c24562189868774e42e
-
Filesize
20KB
MD5bd1fee0ec842a7caad26fcfa8361af0d
SHA19da924dc1981210d1ee4f7b575df84ddf2323ae2
SHA2565bf53fea0185326218960ff27bdde662c93b338fddbd2b6de057c2b799504641
SHA512fe463694443ab2f70b716ab731054233d063886b27da2e176a54482d5bf4f8a393c6e31bb97e37b3b64f7a7b0a57f3976b3d6c8000cdde0b7f1259b6d875b82c
-
Filesize
40KB
MD5967fafcc9e5d0b1f9779b512c6217e42
SHA18615dbfc252999c5a64deb8d23960fbf1a5c56c3
SHA256ec2aa83240fe1e988bb32aaeb17f88c18652d6b478343c5d63e3e7e28ee6d6a1
SHA51273d5bc17b2dce67753a9398c4f8531733c3edb165b51ce7e3b3447054287bb715ab65e18a20fabceb4551da478dcf656a7063eedc89e1a08bd510213e2be300d
-
Filesize
8KB
MD528dff7e65876bae26c1b89eb0f81f0b6
SHA15197b8453d6584c9d59badd068ca527327a98da9
SHA256a96671ec896776e40aec04cbe0f6c2566c7e558a1099e8d064635b82d3b6fe89
SHA512ac9e0278c776e535862a1ec8cc40177f466ead2f1ee6dd573d364160a7d54f40178221b8c3655f78e7547feefe5af05695784a0f24d88ca4607bcf543abbc907
-
Filesize
12KB
MD5e785d49b90eb0d396c2becfca58a7d7b
SHA1164cb09ed471d9ccddaac1a068bcb040b6dba50a
SHA256564c3a4e3419e960b8ca1c8d9e2b55ae7d08896b236b4cc9e74a1bf9de0395f8
SHA512b4a93cf2d2eb72551d370aa4fb0ec3e2656e85df1c759598f4d79286e8fbe0083db76eb695e21969d7e5b8b7f90dcdd1171784eeebbf99344f9fa6616116cfe4
-
Filesize
8KB
MD5393067c7138e7630c19e13c6df24ff31
SHA125d9d0fc09b68fbce9986d183d27121498a1fce3
SHA25634b482919ab636c2876396183133ecd6c03021bf84b6b23d47f8ce20766faa4c
SHA51276163e86eafa98ee37a8a37e53b5a998013067b97996eaab0b49edd1b2ecc6a8260189b66a40f915ea1b2fb6cc9043ad3bed3a249966ea24024bc0193252a62b
-
Filesize
8KB
MD583c8f908adb5ffcb0bb428e98b4939c6
SHA138d236d199ddedb975e4360c2a5e2a2acfe583aa
SHA2569ea098eef3ce2c9d1483dc8ca88ce3d0886f7d386644c48dd3b4c57e89a978f5
SHA512f29a3874db554d95f1990b664a3875b7ef5b1de8168571e4fa2f189b4cb8d6c5241b8dd6a07c8675199329828b6a307172110cf97d8656934718e7a8d9ec9186
-
Filesize
40KB
MD5fbe7ba9aed6f840fb24dfea363cfcb84
SHA1e091e531405b7c64cebd27af80d4c093ef2d43e4
SHA256940d39534fb9e30a7d486830090f4ac077f9500310239cb03cd5b3889f18d39f
SHA51233c34c154ac65d117f491bb05fd3221383a6e2347f5a438bf35f74bb724413967c674928a63562fadf9a73489240eb01b2a5a02274eef3e7c0b6e614dee45e25
-
Filesize
20KB
MD54f91410747bb2ba7a43ee7b298fc9417
SHA1597e95133bff38aeb4154b8a79aaa0d31ee99fcc
SHA2564e93ae7c16a145783f04d535aad7112b561b401ebbb01cee861aeb67f01984cf
SHA512c13d30e367c948ac6899423954fdb0ec3a47b74bae428e0ebd8c7bd3544f21953d22a1632ce567fa5b7c999004d53add84a7bd0e226c40de41af04ef86a64ca4
-
Filesize
8KB
MD57f835fca30f5b066f7add9de523a6951
SHA1a0d18a348af7d1bacdf1ccdb83cf247460b67034
SHA256a570d32bbf9c726d147f42dbd719c30b4431c66794b88dea270109246c177512
SHA512a0447cfeeb8419af27aca2d446b0646ba2f50f83e93594eaf72a0eb6e0dc97e02ce4d66ba9a29cf492100506adf44f3a6b253ea51b6a6bcc144ffb5aff9f39c5
-
Filesize
8KB
MD53927cadcf707b023c92b923ba79a3c2a
SHA11939ac3230b9698b820681ce20a7aeab5ff0a78f
SHA256a0b0a1af55fbe5fe750d9c89d3c6e4136c86e2faad9e634e9ae79555bce3a2a6
SHA512dbf1e7dfbc5d4e780af1052f7dceabfbe1f81752c7f5bed8b95569b168e07d813e40aaf925aeefdb37afa346b42f646291fff8051d2cc93c2af53dee8d67e7f0
-
Filesize
12KB
MD546060c46ce265fba40d005fd391cd670
SHA10282bbe6a5da7904373aa2c732704f904ff21a2d
SHA25639d516180bf6f0b9ee6a510b651178d8cd5d3ed39a2e3c2b8fc8fa1775d88ad9
SHA512936debe55ed9e69feddab9babd9dcca6bc2becb099229732b12c877ed944d7b6cf18f01418c3d713b864fba5ff0154fe2f9c48a21f2a06d430b106ef3d68402b
-
Filesize
12KB
MD547d2eab2962c2b2450a09074eb086b24
SHA15e11c09c682ba62086510a9a098073313a412e7b
SHA25639596c2de677ceeb0ecaf297734f145a3e64524c49871bb3dc557bede94840a2
SHA51298edb0a73482467bf4df6b2e5e99e911a788b9a7435f68cc8d369de63ee595bc9bce373befc03e8a6ced0b75d96682fe5afa514881e551452bada7fd9957f807
-
Filesize
8KB
MD514f6b9fcb90c6651b270d05c5f630176
SHA15c2cdf99d75e384a1c842c3de6597b0a22711915
SHA2560646cd22864f17e55f5df9297cebdedacac52a39cf2fa433d7bd67c0bb433ff0
SHA512eba21fd1ba6011dd976179332f7f9077b421294564172c319c7daa180e66c4a624cccd3de9ffc7ef0e9a8c6e344a59a460a38021154eb6ee2414087300ffeb68
-
Filesize
8KB
MD53956d8284b387cd956a261517906b814
SHA16aff6d7796803785f959658ff4868be832146e15
SHA25669ac206c5ec248de2cc17fd51a5af03da11406825296c484a49e9b3c8389a379
SHA5129a10faf162cc60fdaeb9456d8158b3710fc2b695bf130c66ff9861977a4448014d4b50baa1c2fce0130bfb2bd6adb0a74935c22e003579242a3920661271183b
-
Filesize
107B
MD563729630bec101b3598fe1e731d39d4a
SHA1c323e3cda205b1f1c29a1efb9ca408d1e429fe87
SHA25690d147e83314447d51273251c812550887401b9af34ff8a0292b77bec94a212c
SHA512c9bdfdda8660c534c837f82d9aabccbe21371ac468eb871e284540edefa824b17ca20b75d5b14f0dc60e4e056b1d303bd0671c7f57a0601bb0fb43f89c0811c0
-
Filesize
480B
MD5d6ad7ca453a5bf96dd4af669c29a47b1
SHA1012c91fb61877f38453b10b5362dbd3f6276674d
SHA256781776c442d8df0c45e7c1f8441330ec863b24591d762837f93812f91d3e2979
SHA5122e1422342dbe6f13851d7279be06a89f7d7ca4c6112e73e163e30ec281eb7f7f525c21d1f7458b08ba9f642bb4788d0417d5985547cf95859b4ed97d87780719