Analysis
max time kernel: 128s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240514-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
submitted: 02-06-2024 21:45
Static task: static1
Behavioral task: behavioral1
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral3
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x64-arm64-20240514-en
General
Target: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
Size: 4.2MB
MD5: 8f8a468acb35106fafd7893f36428a8f
SHA1: dd880c83455e1f1fce214ab31c36450c43a23291
SHA256: dbc82167bd33f85b5fb78303de64a56aeb8da555cbd202f6d179dc7d6822f497
SHA512: 9aabd46c99daf4bdb5b1d002eaa69cd51f3291232530e404306bbb7261bb9a87c508dc6250f9ee942065224026b789ef3e6242bcd9ff6e1e4da681258c901f45
SSDEEP: 98304:afIyL/HObxN+sy121xanDJJgr/x74sNm0RJBu3S88DtGsqco07:gpfOlNTy0V/x74sNm0XU3OXBB7
Malware Config
Signatures
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information, which can indicate whether the system is an emulator.
Processes: com.dm2photo24
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.dm2photo24
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which can indicate whether the system is an emulator.
Processes: com.dm2photo24
  description: File opened for read
  ioc: /proc/meminfo
  process: com.dm2photo24
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
Processes: com.dm2photo24
  ioc: /data/user/0/com.dm2photo24/cache/ads3126902518614822451.jar
  pid: 4297
  process: com.dm2photo24
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.dm2photo24
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.dm2photo24
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes: com.dm2photo24
  description: Framework service call
  ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
  process: com.dm2photo24
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes: com.dm2photo24
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.dm2photo24
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes: com.dm2photo24
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.dm2photo24
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes: com.dm2photo24
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: com.dm2photo24
Processes
com.dm2photo24
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4297
Network
MITRE ATT&CK Mobile v15
Downloads