Analysis
max time kernel: 160s
max time network: 149s
platform: android_x64
resource: android-x64-arm64-20240514-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
submitted: 02-06-2024 21:45
Static task: static1
Behavioral task: behavioral1
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x64-20240514-en
Behavioral task: behavioral3
  Sample: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
  Resource: android-x64-arm64-20240514-en
General
Target: 8f8a468acb35106fafd7893f36428a8f_JaffaCakes118.apk
Size: 4.2MB
MD5: 8f8a468acb35106fafd7893f36428a8f
SHA1: dd880c83455e1f1fce214ab31c36450c43a23291
SHA256: dbc82167bd33f85b5fb78303de64a56aeb8da555cbd202f6d179dc7d6822f497
SHA512: 9aabd46c99daf4bdb5b1d002eaa69cd51f3291232530e404306bbb7261bb9a87c508dc6250f9ee942065224026b789ef3e6242bcd9ff6e1e4da681258c901f45
SSDEEP: 98304:afIyL/HObxN+sy121xanDJJgr/x74sNm0RJBu3S88DtGsqco07:gpfOlNTy0V/x74sNm0XU3OXBB7
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoCs)
  Checks CPU information that indicates whether the system is an emulator.
  Processes: com.dm2photo24
    description: File opened for read
    ioc: /proc/cpuinfo
    process: com.dm2photo24
Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information that indicates whether the system is an emulator.
  Processes: com.dm2photo24
    description: File opened for read
    ioc: /proc/meminfo
    process: com.dm2photo24
Loads dropped Dex/Jar (1 TTPs, 1 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes: com.dm2photo24
    ioc: /data/user/0/com.dm2photo24/cache/ads4802521239066903196.jar
    pid: 4621
    process: com.dm2photo24
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: com.dm2photo24
    description: Framework service call
    ioc: android.content.IClipboard.addPrimaryClipChangedListener
    process: com.dm2photo24
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  Processes: com.dm2photo24
    description: Framework service call
    ioc: android.net.wifi.IWifiManager.getConnectionInfo
    process: com.dm2photo24
Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: com.dm2photo24
    description: Framework service call
    ioc: android.net.IConnectivityManager.getActiveNetworkInfo
    process: com.dm2photo24
Reads information about phone network operator (1 TTPs)
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
  Processes: com.dm2photo24
    description: Framework API call
    ioc: javax.crypto.Cipher.doFinal
    process: com.dm2photo24
Processes
com.dm2photo24 (PID: 4621)
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about the current Wi-Fi connection
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Downloads