Analysis
- max time kernel: 178s
- max time network: 160s
- platform: android_x86
- resource: android-x86-arm-20240514-en
- resource tags: android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
- submitted: 02-06-2024 19:48
Static task: static1
Behavioral task: behavioral1
- Sample: 8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
- Target: 8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
- Size: 5.2MB
- MD5: 8f37da916c775c0b7e5dff6c37995dee
- SHA1: 9d19ac1a285eda0373d9c33187258991a37678b9
- SHA256: fa9371c84e1eec53f64bd3953883247894addb494a89a945bd32685e9887bed2
- SHA512: ce2a618bbcf744c6cc345c3db8af3a4883ca8c9c7565bc61177ce1ffd2940ae7ad361b89c7a36fd29b909243b9073702a59dedd1b343d9ec133b470f66df71a2
- SSDEEP: 98304:7f+K6aOVCGKmE50CW5CLH0az272mBzLDhFLOWTfyJWTsp7aj10WOz1+APU9zRL2e:COoCjPW5Cos2aWzyBxajG7s9Vy0
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)
- Requests cell location (1 TTPs, 2 IoCs)
  Uses Android APIs to get current cell information.
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | fang.mp3.dlv7
  Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | fang.mp3.dlv7
- Checks memory information (2 TTPs, 1 IoCs)
  Checks memory information which indicates if the system is an emulator.
  Processes: fang.mp3.dlv7
  description | ioc | process
  File opened for read | /proc/meminfo | fang.mp3.dlv7
- Queries information about running processes on the device (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | android.app.IActivityManager.getRunningAppProcesses | fang.mp3.dlv7
- Queries information about the current nearby Wi-Fi networks (1 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | android.net.wifi.IWifiManager.getScanResults | fang.mp3.dlv7
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | fang.mp3.dlv7
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | android.app.IActivityManager.registerReceiver | fang.mp3.dlv7
- Checks if the internet connection is available (1 TTPs, 1 IoCs)
  Processes: fang.mp3.dlv7
  description | ioc | process
  Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | fang.mp3.dlv7
- Reads information about phone network operator. (1 TTPs)
Processes
- fang.mp3.dlv7 (PID: 4282)
  - Requests cell location
  - Checks memory information
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Queries the mobile country code (MCC)
  - Registers a broadcast receiver at runtime (usually for listening for system events)
  - Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Downloads