Analysis
- max time kernel: 51s
- max time network: 148s
- platform: android_x64
- resource: android-x64-20240514-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
- submitted: 24-05-2024 13:59
Static task: static1
Behavioral task: behavioral1
- Sample: 6ec0c88bffdc25f8d2f105bd8bffe4eb_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 6ec0c88bffdc25f8d2f105bd8bffe4eb_JaffaCakes118.apk
- Resource: android-x64-20240514-en
Behavioral task: behavioral3
- Sample: 6ec0c88bffdc25f8d2f105bd8bffe4eb_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: 6ec0c88bffdc25f8d2f105bd8bffe4eb_JaffaCakes118.apk
- Size: 113KB
- MD5: 6ec0c88bffdc25f8d2f105bd8bffe4eb
- SHA1: c2ba3a5ce58bce18a20f827767257d6e93c3fd03
- SHA256: beb8ab2de046cbba059eac4e57ce65f97101b757f8e3032186fb28e0e2caf0ed
- SHA512: 005aa9a5ef84406e66acfaabdcdfdac1b077c41877ace2120e4179ce62b1fd2195840b906316e18e2fa31aa496aef41ed528cfe6662076a1f1d5cab8c606c18a
- SSDEEP: 1536:qNpst2E4fWRTli8GE3MFDeKwJCj0wjAoq/jJV7kzwHOlvx5VYj0dZIzwimdbHg8d:6JEphddueKICAoq7JV7KlbVY8OGWgKBg
Malware Config
Signatures
Checks CPU information (TTPs: 2, IoCs: 1)
Checks CPU information, which indicates whether the system is an emulator.
Processes: cn.mmb.link
- description: File opened for read
- ioc: /proc/cpuinfo
- process: cn.mmb.link

Checks memory information (TTPs: 2, IoCs: 1)
Checks memory information, which indicates whether the system is an emulator.
Processes: cn.mmb.link
- description: File opened for read
- ioc: /proc/meminfo
- process: cn.mmb.link

Obtains sensitive information copied to the device clipboard (TTPs: 2, IoCs: 1)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: cn.mmb.link
- description: Framework service call
- ioc: android.content.IClipboard.addPrimaryClipChangedListener
- process: cn.mmb.link

Queries the mobile country code (MCC) (TTPs: 1, IoCs: 1)
Processes: cn.mmb.link
- description: Framework service call
- ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
- process: cn.mmb.link

Queries the phone number (MSISDN for GSM devices) (TTPs: 1)

Registers a broadcast receiver at runtime (usually for listening for system events) (TTPs: 1, IoCs: 1)
Processes: cn.mmb.link
- description: Framework service call
- ioc: android.app.IActivityManager.registerReceiver
- process: cn.mmb.link

Checks if the internet connection is available (TTPs: 1, IoCs: 1)
Processes: cn.mmb.link
- description: Framework service call
- ioc: android.net.IConnectivityManager.getActiveNetworkInfo
- process: cn.mmb.link

Queries the unique device ID (IMEI, MEID, IMSI) (TTPs: 1)

Uses Crypto APIs (Might try to encrypt user data) (TTPs: 1, IoCs: 1)
Processes: cn.mmb.link
- description: Framework API call
- ioc: javax.crypto.Cipher.doFinal
- process: cn.mmb.link
Processes
cn.mmb.link (PID: 5092)
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)