Analysis
- max time kernel: 129s
- max time network: 131s
- platform: android_x64
- resource: android-x64-20240514-en
- resource tags: android arch:x64 arch:x86 image:android-x64-20240514-en locale:en-us os:android-10-x64 system
- submitted: 02-06-2024 21:45
Static task
static1
Behavioral task
behavioral1
Sample
8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
-
Size
4.2MB
-
MD5
8f8a468acb35106fafd7893f36428a8f
-
SHA1
dd880c83455e1f1fce214ab31c36450c43a23291
-
SHA256
dbc82167bd33f85b5fb78303de64a56aeb8da555cbd202f6d179dc7d6822f497
-
SHA512
9aabd46c99daf4bdb5b1d002eaa69cd51f3291232530e404306bbb7261bb9a87c508dc6250f9ee942065224026b789ef3e6242bcd9ff6e1e4da681258c901f45
-
SSDEEP
98304:afIyL/HObxN+sy121xanDJJgr/x74sNm0RJBu3S88DtGsqco07:gpfOlNTy0V/x74sNm0XU3OXBB7
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information, which indicates whether the system is an emulator.
Processes:
com.dm2photo24
description: File opened for read
ioc: /proc/cpuinfo
process: com.dm2photo24
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information, which indicates whether the system is an emulator.
Processes:
com.dm2photo24
description: File opened for read
ioc: /proc/meminfo
process: com.dm2photo24
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.dm2photo24
ioc: /data/user/0/com.dm2photo24/cache/ads5559358883020715631.jar
pid: 5164
process: com.dm2photo24
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.dm2photo24
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
process: com.dm2photo24
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.dm2photo24
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: com.dm2photo24
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.dm2photo24
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.dm2photo24
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.dm2photo24
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.dm2photo24
-
Checks if the internet connection is available 1 TTPs 1 IoCs
Processes:
com.dm2photo24
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.dm2photo24
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes:
com.dm2photo24
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.dm2photo24
Processes
-
com.dm2photo24
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:5164
Network
MITRE ATT&CK Mobile v15
Downloads