Analysis
max time kernel: 179s
max time network: 156s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 23-05-2024 23:42
Static task: static1
Behavioral task: behavioral1; Sample: 6cab493fd4f096522a4ec2b9d85e783a_JaffaCakes118.apk; Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2; Sample: 6cab493fd4f096522a4ec2b9d85e783a_JaffaCakes118.apk; Resource: android-33-x64-arm64-20240514-en
Behavioral task: behavioral3; Sample: VqsPhone.apk; Resource: android-x86-arm-20240514-en
Behavioral task: behavioral4; Sample: VqsPhone.apk; Resource: android-x64-20240514-en
Behavioral task: behavioral5; Sample: VqsPhone.apk; Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral6; Sample: __pasys_remote_banner.apk; Resource: android-x86-arm-20240514-en
Behavioral task: behavioral7; Sample: __pasys_remote_banner.apk; Resource: android-x64-20240514-en
Behavioral task: behavioral8; Sample: __pasys_remote_banner.apk; Resource: android-x64-arm64-20240514-en
Behavioral task: behavioral9; Sample: __pasys_remote_banner.apk; Resource: android-x86-arm-20240514-en
Behavioral task: behavioral10; Sample: __pasys_remote_banner.apk; Resource: android-x64-20240514-en
Behavioral task: behavioral11; Sample: __pasys_remote_banner.apk; Resource: android-x64-arm64-20240514-en
General
Target: 6cab493fd4f096522a4ec2b9d85e783a_JaffaCakes118.apk
Size: 28.8MB
MD5: 6cab493fd4f096522a4ec2b9d85e783a
SHA1: 0300ad31840ef5207f646604d835f8d2a2833c12
SHA256: fe7a90c3c8f319c6b9e4b93b3631b3b89c99ff773855075ad49322a90b83a646
SHA512: 4aecf32c5b8a1ab27907c66e674813e2f3814365f547f4f61f25ec316b1fa56afeec6eee3ea9f7e61b7a899b3b7e29dc552f33b21c50101a75dac4a04e4a00c6
SSDEEP: 393216:ggEIAm73FIsCkDpIivygdB6XeE/G3yt4Av1o5jHYvDxgu0rOI5Lpe2yI3vKdNN3B:tEID7rCkNBy+8eSGCtP1ol9aQpLYiQ9b
Malware Config
Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information which indicates whether the system is an emulator.

Queries information about running processes on the device (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.totaleclipsegames.clkwrkbrain
  description: Framework service call
  ioc: android.app.IActivityManager.getRunningAppProcesses
  process: com.totaleclipsegames.clkwrkbrain

Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.totaleclipsegames.clkwrkbrain
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.totaleclipsegames.clkwrkbrain

Acquires the wake lock (1 IoCs)
Processes: com.totaleclipsegames.clkwrkbrain
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  process: com.totaleclipsegames.clkwrkbrain