Analysis
- max time kernel: 25s
- max time network: 151s
- platform: android_x64
- resource: android-x64-20240514-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
- submitted: 28/05/2024, 03:05
Static task: static1
Behavioral task: behavioral1
- Sample: 7b786864d5c49c99991b04ac0031d18d_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 7b786864d5c49c99991b04ac0031d18d_JaffaCakes118.apk
- Resource: android-x64-20240514-en
Behavioral task: behavioral3
- Sample: 7b786864d5c49c99991b04ac0031d18d_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: 7b786864d5c49c99991b04ac0031d18d_JaffaCakes118.apk
- Size: 2.1MB
- MD5: 7b786864d5c49c99991b04ac0031d18d
- SHA1: 90d741498425b55a031dc49b8defef2c688d15d8
- SHA256: 6fc814a87bd84dd6a44b4fa25c4a99a7235e15978af0618919d81a2132c0df98
- SHA512: 4e584b212082c186fb0eef0f70581b98f06b353cbb70bdf123add42a9d2f4f29b10389bbd305b08248220897852073c912d7b291666040c2b22e138c93f40677
- SSDEEP: 49152:WnkNOpYIvYeEJrHEPd0TZ2360Wzhnk73SfSyQuLk:WkNFZeUHwmVavWl43SfX2
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information, which indicates whether the system is an emulator.
  Description: File opened for read | IoC: /proc/cpuinfo | Process: com.swapify.swap.face
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information, which indicates whether the system is an emulator.
  Description: File opened for read | IoC: /proc/meminfo | Process: com.swapify.swap.face
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Description: Framework service call | IoC: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.swapify.swap.face
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Description: Framework service call | IoC: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: com.swapify.swap.face
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Description: Framework service call | IoC: android.app.IActivityManager.registerReceiver | Process: com.swapify.swap.face
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Description: Framework service call | IoC: android.net.IConnectivityManager.getActiveNetworkInfo | Process: com.swapify.swap.face
- Queries the unique device ID (IMEI, MEID, IMSI) (1 TTPs)
- Reads information about phone network operator. (1 TTPs)
Processes
- com.swapify.swap.face (PID: 5108)
  - Checks CPU information
  - Checks memory information
  - Obtains sensitive information copied to the device clipboard
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available