Analysis
-
max time kernel
175s -
max time network
132s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
-
submitted
24-05-2024 11:02
General
-
Target
6e4799ab938068599bd993e79a145298_JaffaCakes118.apk
-
Size
3.1MB
-
MD5
6e4799ab938068599bd993e79a145298
-
SHA1
6893c9dd45a70311313d83dec12f919519e94e79
-
SHA256
7bf943484defa524df2f1907f52b9bbca8656d716efb9dfed8e581501e0fa9cd
-
SHA512
602c20243b6b73251d8d54a2022ba6a5f431baa90fa60ef6c3f9cd2af62730dd857f5f82b104addcb7b6614f5161d9e4506f8cbe877a498f6a0cc0402afd061b
-
SSDEEP
98304:+Lv0jcB/u3eccmROZEostBwi6KcOJoCdPTEmqY9lcQmXN6nc:ImHjUstmiLcOaY9RmXv
Malware Config
Signatures
-
Requests cell location 2 TTPs 1 IoCs
Uses Android APIs to to get current cell location.
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.cng1⤵
- Requests cell location
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD5380d059eaa94835e395136c763deff4e
SHA167963a2ede2908e29f73c9a973b13997be6d0fa4
SHA2565808b8e84876bdd79ded85f373e121bf1356029f2b1e25b7f06f0e758c1fbaba
SHA512f48628d9bbd91731159a5893cff5d495c37b42108dfc5926689ecdc9989709d7f221cc5d85acba6b692351f5562f0f662be487b63e88d814bd69e51d978ec90c
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD59fe31d3e75999b448dd78559a1bee3c5
SHA1f7c14cc27dbfa2cfda77353c4659ce2007aaaf31
SHA256b054743f75e9c4ab12b3166a217b604ad1eb615171ebacfe2b6005322b520939
SHA51213823e8beacaad9d4c7c1b17ef668acb0447fd885b14d341adedfdaceafe356a7ab890f35554166b6d23344a37e53c5c61e9effc08d2ceb5f557a9d1e7a9584a
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD5a78d90a8c97fceee0bde28dcc87cfab2
SHA18b4f4178f112934fac15ae428abe7aa25b983a72
SHA25634a31efa0fddf500605ec39ef9b596f02682678995b3eb543a8fa4ddabde188a
SHA512c42f8b20e92d6abe96311f32e0d3d05acd2441919d3dd2ce837a5d0539b5cdecb03917ce1ad6194df3bf2d225e34d7ecc178761a117d900dc0c686d2417e94a1
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD565803a408bff9a82773e745e7b7418b9
SHA1953c916651f8cf4f0681b2eb67bcf0d570cbc7eb
SHA25650e987d487d0b975c1d4303525067c675dc9b88ff0c3e35d9112f6f1db69c79b
SHA5125010f3ca97989a12887be27d3438da5160b2bf0576aa44f77337e810ebaf50b79591e406145cee25c21a04a4831b62f73b483463a352d63b9d081b911b559ece
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD5833aa37368656a175f80bff78a665333
SHA1a3417ac026f54dba94a82c1842b9aa4e87c273d5
SHA256993a3c971a56444f2a2900ad708f9286afb0279d2278bc050ffdff079497433e
SHA512192b99010f24d18bef89a6174b248afaff3b175c88eeceafe315bdc38cd3b4179954e23874e88a0c6fdcb57fe5212e9d6b567489727a97a7d41aa476443585e4
-
/data/data/com.cng/files/E2FDAA28C7344D2F9FAA4A0FEC1296AAFilesize
118B
MD5c0a3d83f4d4e98e3d328d582200b02bc
SHA1fa9522b32f6b08de8e9f6cda6f8a3ef7bb2d3cc0
SHA256e84f37fe325ce03e26b3b48742ccc972adde255605743b2bfa51e1e1400ddf13
SHA512d1c778b6334ea5de70d75e5a03e6a655caa1e573361f540518cb85acf3ffd99b339c0348e94f5c73c56bafeff88c4b31c4651b1ea6b40efbc9513e36d969a43e