Analysis
- max time kernel: 178s
- max time network: 188s
- platform: android_x64
- resource: android-x64-arm64-20240514-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
- submitted: 23-05-2024 04:25
Static task: static1
Behavioral task: behavioral1
- Sample: 69b8051a6bb3c84968a42508205bf567_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 69b8051a6bb3c84968a42508205bf567_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: 69b8051a6bb3c84968a42508205bf567_JaffaCakes118.apk
- Size: 9.6MB
- MD5: 69b8051a6bb3c84968a42508205bf567
- SHA1: 92ffb5c7d81bdea3a2d8ee88137bb2f5669064cb
- SHA256: b4f5d44b5e982567a5b6d31242168ca3e3134c455b3acc7577bb30ff2a071df1
- SHA512: 1a46af0366b6230dcd3150009e5f5edad46b5d6d468a6936d75d1afdd46a71ca5ecfd7c21de81617984a575e3f3b26c60ed5e2fa14d1afc2675398ffeded106f
- SSDEEP: 196608:4B2IdUzkrg+rXnlcv90S6/1++wHnLHgz4ioD2yWoES+ViUIvyVisgxTKNlQ:M2GUzkrj7Xd+C3oD2zBViU0xTClQ
Malware Config
Signatures
- Checks if the Android device is rooted. (1 TTPs, 1 IoCs)
  Processes: com.aheading.news.yanfudzb
  ioc: /system/bin/su; process: com.aheading.news.yanfudzb
- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Requests cell location (2 TTPs, 1 IoCs)
  Uses Android APIs to get the current cell location.
  Processes: com.aheading.news.yanfudzb
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; process: com.aheading.news.yanfudzb
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information that indicates whether the system is an emulator.
  Processes: com.aheading.news.yanfudzb
  description: File opened for read; ioc: /proc/cpuinfo; process: com.aheading.news.yanfudzb
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: com.aheading.news.yanfudzb
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: com.aheading.news.yanfudzb
- Queries information about the current Wi-Fi connection (1 TTPs, 2 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.aheading.news.yanfudzb, com.aheading.news.yanfudzb:pushservice
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.aheading.news.yanfudzb
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.aheading.news.yanfudzb:pushservice
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 2 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: com.aheading.news.yanfudzb:pushservice, com.aheading.news.yanfudzb
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getScanResults; process: com.aheading.news.yanfudzb:pushservice
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getScanResults; process: com.aheading.news.yanfudzb
- Queries the phone number (MSISDN for GSM devices) (1 TTPs)
- Acquires the wake lock (1 IoCs)
  Processes: com.aheading.news.yanfudzb:pushservice
  description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: com.aheading.news.yanfudzb:pushservice
- Checks if the internet connection is available (1 TTPs, 2 IoCs)
  Processes: com.aheading.news.yanfudzb, com.aheading.news.yanfudzb:pushservice
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.aheading.news.yanfudzb
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.aheading.news.yanfudzb:pushservice
- Reads information about the phone network operator. (1 TTPs)
- Uses Crypto APIs (might try to encrypt user data) (1 TTPs, 2 IoCs)
  Processes: com.aheading.news.yanfudzb, com.aheading.news.yanfudzb:pushservice
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.aheading.news.yanfudzb
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.aheading.news.yanfudzb:pushservice
Processes
- com.aheading.news.yanfudzb (PID: 4556)
  - Checks if the Android device is rooted.
  - Requests cell location
  - Checks CPU information
  - Queries information about running processes on the device
  - Queries information about the current Wi-Fi connection
  - Queries information about the current nearby Wi-Fi networks
  - Checks if the internet connection is available
  - Uses Crypto APIs (might try to encrypt user data)
- com.aheading.news.yanfudzb:pushservice (PID: 4608)
  - Queries information about the current Wi-Fi connection
  - Queries information about the current nearby Wi-Fi networks
  - Acquires the wake lock
  - Checks if the internet connection is available
  - Uses Crypto APIs (might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
- Execution Guardrails (1)
  - Geofencing (1)
- Virtualization/Sandbox Evasion (1)
  - System Checks (1)
Downloads
- Filesize: 144KB
  MD5: 110719deabd82518b14b001ebc6c9451
  SHA1: 06955b11bacb3061ca597eee44f859d571232993
  SHA256: 5f8ff849e437b387997546adae3fc254a8b970221c0a1c5f831214a8f6aadf54
  SHA512: 7b25023e814480734e2126408305a74d0fc2ee018b17f4b33fa8b1cad2d30b44d447f6c89755dc91dccaf964dae2238b458581691ca322bf117d6ac73fac0784
- Filesize: 512B
  MD5: 05ac6ab8b9d3e111f7a5b26572564693
  SHA1: f70e888e639a815862b2112de63d5ad022efd517
  SHA256: 97fb2230fbf2a45a2922641a26776721c2047e43ea2084d5f822ee9764ea57db
  SHA512: 3972329337413a453e66288f166d455df7d08193bcab354b318807330f263148e4e093a27f445bc4dd48756807bfa18a21da0b7e0835a4fc54836d4fd4c658e2
- Filesize: 8KB
  MD5: 908c4837fcce0725857b3843f64bf650
  SHA1: 7db61cf298a470adb3718abeb3655c52a319c358
  SHA256: d23baab80231bb259e9db28c2b107a4d2a71034be3652c8446f97ecc47ecddc0
  SHA512: bfb1b08ddc7fd6e53311506712c2919ffb59c52a8035c53c50328c1b6b4147ec4ed5e7c44b4199870e44888e087994965190454b9f5c9801075ae46c352a2369
- Filesize: 8KB
  MD5: 181c6f5fe06fe64c975d3e1820d184b4
  SHA1: 2ec87f8853d03eb6aca503748d6772130bc11f98
  SHA256: 51d0e69b5db3ed4b32d8c3dff2562aab9d5ceb4ea28e56687e9a7e95dbede5be
  SHA512: 323a842c230e823be5c85d1070910ebf8cfbb9dec7c4e7c3564918eae54519349aba7577b6b4138f416bd6d0f747a1b5694b5552aec9d483acd02c0c72b67ce9
- Filesize: 4KB
  MD5: 09fa30e53cc327fc125a1bbb3b8e7ec3
  SHA1: 3975fa687d980b18dd48e9947694a6c9001fd74f
  SHA256: 326fa482037ad0dfb5bae57a21495aad99d2725594b541893c3996d1a269f3f4
  SHA512: 950896f86713d3944f1861360ce4b5ded0c4fff5d563e14ecb886a4773c48091cbb10bc5d9957a2bf38e3954b873d9da0ac118bc10114af997ff24afaece22f0
- Filesize: 933B
  MD5: 78b2398138ea7515f2131057b100d183
  SHA1: e63f1ec74608139177ac2ab6d131e880f84c4c46
  SHA256: a3a9022b0f84fc05509ac1cd70cc09655085a2b40f7b3d37e54395463a5f1a3c
  SHA512: 13e59ae2b0e11132e8f092dae299d3973e75803925b3970d0de5253d76f5a3aa0ff163e7e21515045da938a20df16adc51c81b44ec73daafd7e00d56ecfd4ad4
- Filesize: 162B
  MD5: 57ee14cdc6675f0617cc1a39bad0ad1f
  SHA1: ffa7e274668b258612701fb4b0957173d318ae45
  SHA256: 10470b295458b21217679d640294be62319c0fe7f76e0f68174a8b06de892e3c
  SHA512: e5baa3d2125b8d4cd152e2ed26427aba4d5d7fb32f99e0a8bcd3c4f327217dbc36d8448e55540acf6bbe6ac9dcf818459159677a1c108c0281700f66374645cc
- Filesize: 7KB
  MD5: 3e5e1146477298ebd518707a4e9edc7f
  SHA1: bb0a46e286bcd1ce33746542c05a7464d7390062
  SHA256: 2c3d373c4cd7ce413f177522e262a9435e582e081c0b30c6b10475568a109f1c
  SHA512: c20a4029f89d40134717910820bd3b1f39483d96488e3ed8cabb5466976fce447f2b6165fa6703ec5fbe6e9c009fe9649dc2c0cd66446ddb45602ae7c4bfe81e
- Filesize: 19KB
  MD5: ff8b5cd0a19ac5a79c27ec35a55b2ef1
  SHA1: 177a296658c252a97f711b84abd1a5830c924bf1
  SHA256: eb76f66dc9bafabb0b831bdf54ae568a82174fed53159451046cbda867b1e149
  SHA512: 428c150366a3a38a2a46d49d9266fe09e067b8556351f8a64e54b35254851897efe58fff2fdd582e8fc67918fa47c28f34247726c59c3dfc932b30136c29cc4d
- Filesize: 166B
  MD5: 702aa175711d3b8db70ca1d9a526165c
  SHA1: 262ba07791553e4b733233187f80caefc81dc2d0
  SHA256: e525aee62c432a71844ccfbc39706c9241ab5d4ba898081dfe21fe890ec482f5
  SHA512: 09b280cb223b9647cb40d673588f8cd0a2555b4868be2f4ee623230569151417d4b4db9ea9f3326d7b203b9a89850d82520df62db538bade987753adf7ca64d7
- Filesize: 8KB
  MD5: 1160a9395220bc7f20c2464e620f060d
  SHA1: b087923c33910a8344838420c56c0811d06999f7
  SHA256: 29c43507105caf0b96bba0a50c6a69dbc69a3cfb9d6a347c32fdd83c514e10f5
  SHA512: 3e595246b1423196761861d52f29e6109b620f8e218762a75e6d1e4a69da0d7a4754793e86480fcfa92b005be2b3faeb08245364156a1627e3077a1e90f5e2a7
- Filesize: 172B
  MD5: f72b528139ec8e5cd5af81788e268362
  SHA1: 06295820a03590a2b5f732a3103c3178d6d25e43
  SHA256: a5a3b91d9eb2929492b008087be93c98ebf864b9546c59399e64e5bf18abd445
  SHA512: 85a7475aa55f6a41f9769152c53c2b29491f03d8d81b2f04226a3f2afef871795cf553ab82cff73a7d0fa3a47562b07b81ba6f9a5587303b1f050c6cd8eb3f6d
- Filesize: 87B
  MD5: a340f3649d552b6c6304f68da109660f
  SHA1: 5453e1a6e82b16644d07d570437c20171df4fd31
  SHA256: 42ab1649e8a7a7cb62450f3c240da91efe264cffb7b94f3d12b806e5580619ce
  SHA512: 94906f7d055502a1f957ff048cfe72426249102039134111efc2e55b10431bf6c06028fcb7edb223cc71e239ebecf809490e9173f762844c38342a063bbe6295
- Filesize: 3KB
  MD5: 101456db9016b83ee04b0c69dc348304
  SHA1: 499158f92fdf68998c1ae8e2da85c2ba90f2e7de
  SHA256: fc411b0ddaa56f7c0cee5d6323af152f95620b2b03e21dcca856b417d6b0edc0
  SHA512: 57c15055bdefc8269548caffce6c78a8b7f6d6e9d3dc49b548ddaebf4509b37e099b69c2e7b0f784307015bbf7f1d4b600cde399fd3dce230c67d953c0a7d71c
- Filesize: 178B
  MD5: da401d8dd72dca74081eb7c6f0df0d36
  SHA1: 8c1b28efdf8a0afe71ccf10b2d0bfd6c41815af6
  SHA256: ea96fcc1687b9677341b46ae56368a14f29ab9801d2b165054c1f5099a17cf73
  SHA512: b0879d9ce1dc715dead2e2f6bba8f1edffd448d73e38ef547f0fab389e79ab93a77cf5fc97006cff96ab6b7eabf21def20c62ec2793ed9eec5d1b3cd8724da00
- Filesize: 350B
  MD5: e38dd1bf15411caf49c61f5b276e99f6
  SHA1: 96fcaad8439beeea22b75333745f66c5178ccb1c
  SHA256: c8634ed1107ae646e307ba46a6571fa82538daaa511d482e109146990b32c989
  SHA512: a87a6ca8a9beaf2b486ea6cff0de9bd8a75e71fe52311efcebb71381bbfd9f2c31fa15002fdbe4032089802abcaa5375cf20fa7d948278080378a34d63cb4ac5
- Filesize: 8KB
  MD5: 2a542b7e04fd1fcf226df40a94e542b8
  SHA1: a5d32474a8db8a99a913aad56d00c1232ca7f187
  SHA256: ae59983d8200c7f61adbccd663bf53320a8170d4cec0bdf628b7fd5a777108b0
  SHA512: 53a0bd130dc5a99350cdf3710ba6ad9f90eeda8604146c68f472fecc6acba5fe36dbaf2c4cc70b7764f3743285854710a6028f243c7dbaf0d00f342cee16065f