Analysis
max time kernel: 179s
max time network: 152s
platform: android_x64
resource: android-x64-20240514-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
submitted: 27-05-2024 11:01
Static task: static1
Behavioral task: behavioral1
  Sample: 78eee2da614018ea49d13f2519929dc9_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: 78eee2da614018ea49d13f2519929dc9_JaffaCakes118.apk
  Resource: android-x64-20240514-en
General
Target: 78eee2da614018ea49d13f2519929dc9_JaffaCakes118.apk
Size: 213KB
MD5: 78eee2da614018ea49d13f2519929dc9
SHA1: 6462dd870228757be803e7071c875f33fd7da3be
SHA256: 8a40e7641e37d8ed06275cef535b5349b0d007bb84bfafcd562248206845263c
SHA512: 7e23151d58007d7dc0e67d2383a2fad8750ad402b40adbd8301a6a11f62f6203261cd2909363e114bea8b41410210b4dcba5f0b2442dbd9d2e698d093e7f861a
SSDEEP: 6144:fIb/0szi6yig4a8dHtVIFXhYoBKSTrfI/+NE3MS:wz0K99xa8dHb0XioBlTrf0F3MS
Malware Config
Signatures
- Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
  Application may abuse the framework's foreground service to continue running in the foreground.
  Processes: com.cold.toothbrush
  description: Framework service call | ioc: android.app.IActivityManager.setServiceForeground | process: com.cold.toothbrush
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: com.cold.toothbrush
  description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.cold.toothbrush
- Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.cold.toothbrush
  description: Framework API call | ioc: javax.crypto.Cipher.doFinal | process: com.cold.toothbrush
Downloads
- /data/data/com.cold.toothbrush/files/aa8fd1cf-a6b2-4c5d-9885-da4f1f19e7cb.dat
  Filesize: 404B
  MD5: fc0efa66f64ec25d2bb4e64daea301a2
  SHA1: afa507ae50daaa1523be16ab5b31465fc66acd6b
  SHA256: 9eff48f677392e2af02263edd53c3901c6ec005a1f71addf52b5152d3d69e775
  SHA512: f1879fd4393efa30e6525e0b809463a95c2b17e18399c4f7a5d97ab97ad4f64b2e9a87177c495b639c3c8457160396f9237deb40feae129ec2085a36180b9ceb