Analysis
-
max time kernel
96s
-
max time network
141s
-
platform
android_x86
-
resource
android-x86-arm-20240514-en
-
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
-
submitted
31-05-2024 13:17
Static task
static1
Behavioral task
behavioral1
Sample
87225f3911ee5a5613c30154d216cf11_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
87225f3911ee5a5613c30154d216cf11_JaffaCakes118.apk
Resource
android-x64-20240514-en
General
-
Target
87225f3911ee5a5613c30154d216cf11_JaffaCakes118.apk
-
Size
3.0MB
-
MD5
87225f3911ee5a5613c30154d216cf11
-
SHA1
06a9721ee5ef9257354e8bb896b0ef6da8686cdc
-
SHA256
4890b52450983e19062b8fbec7143d431a4d2ee99cbfbe3e1d9081cbb9a186ad
-
SHA512
852cfd614ba04568226ab968c2d84cd452fdada69ff71d2ca9df98b2124e8ebc95a6ca271d3d26147b41a734141ff78193abc636f2ba25fb80695e1bbf562484
-
SSDEEP
98304:rHbC9fplocxZD1b+XysTR7eWdJj7uyuiu6gUUuCn:XClocxT0y+PuyuiuyUuS
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information that indicates whether the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information that indicates whether the system is an emulator.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: com.spideyman
description | ioc | process
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | com.spideyman
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.spideyman
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.spideyman
-
Tries to add a device administrator. 2 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes: com.spideyman
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.spideyman
-
Reads information about phone network operator. 1 TTPs
Downloads
-
/data/data/com.spideyman/databases/dAT5YFV
Filesize
4KB
-
/data/data/com.spideyman/databases/dAT5YFV-journal
Filesize
512B
-
/data/data/com.spideyman/databases/dAT5YFV-shm
Filesize
32KB
-
/data/data/com.spideyman/databases/dAT5YFV-wal
Filesize
104KB
-
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsData_5TG4JGVTYX3S34VZQT7N_216
Filesize
88B
-
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsData_5TG4JGVTYX3S34VZQT7N_216
Filesize
88B
-
/data/data/com.spideyman/files/.YFlurrySenderIndex.info.AnalyticsMain
Filesize
72B
-
/data/data/com.spideyman/files/.yflurrydatasenderblock.99223422-1d20-4ea2-bca1-bb11063ee433
Filesize
325B
-
/data/data/com.spideyman/files/.yflurrydatasenderblock.edd6bfea-e16c-47c6-a475-0e4d60875ceb
Filesize
622B
-
/data/data/com.spideyman/files/.yflurryreport.-26d308d518909af6
Filesize
373B