Analysis
- max time kernel: 132s
- max time network: 169s
- platform: android_x86
- resource: android-x86-arm-20240514-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
- submitted: 26/05/2024, 20:00
Static task: static1
General
- Target: 76a81762116415d8a9bc561dd81afca5_JaffaCakes118.apk
- Size: 25.5MB
- MD5: 76a81762116415d8a9bc561dd81afca5
- SHA1: 1e295eed09d9118cb5f6d6754bc39e923e2daa78
- SHA256: 902ca1ff2160751a410db389e15b7b29acdac2bce5db2ebdae71edcdde37172d
- SHA512: 293c9c94b6b79c8ae766c40034a44d897c9f1c3489a8bc2fa1c8bd25c635d0c373ea2534f102324fb50ce95f3d55b3731d76383d5f2820e06bd27fd4f5e68ac2
- SSDEEP: 393216:LhgM/07xIqEsUOJI1GwOLYfd/Z9OOLlmh0bzEa/RU/CMPbd03aQWaOh4TgyatW1D:LhtvXsI17OWg0PEapU/Ced0NTMW1tfrl
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information, which indicates if the system is an emulator.
  description: File opened for read | ioc: /proc/cpuinfo | process: com.king86.kbzrmod
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information, which indicates if the system is an emulator.
  description: File opened for read | ioc: /proc/meminfo | process: com.king86.kbzrmod
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call | ioc: android.app.IActivityManager.getRunningAppProcesses | process: com.king86.kbzrmod
- Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.king86.kbzrmod
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  description: Framework service call | ioc: android.net.wifi.IWifiManager.getScanResults | process: com.king86.kbzrmod
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.king86.kbzrmod
- Reads information about phone network operator. (1 TTPs)
- Listens for changes in the sensor environment (might be used to detect emulation) (1 TTPs, 1 IoCs)
  description: Framework API call | ioc: android.hardware.SensorManager.registerListener | process: com.king86.kbzrmod
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.king86.kbzrmod
Processes
com.king86.kbzrmod (PID: 4301)
- Checks CPU information
- Checks memory information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Defense Evasion
- Hide Artifacts: 1
- User Evasion: 1
- Virtualization/Sandbox Evasion: 2
- System Checks: 2
Downloads