Analysis
- max time kernel: 177s
- max time network: 135s
- platform: android_x64
- resource: android-x64-arm64-20240514-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
- submitted: 02-06-2024 19:48
Static task: static1
Behavioral task: behavioral1
- Sample: 8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
- Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
- Sample: 8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
- Resource: android-x64-arm64-20240514-en
General
-
Target
8f37da916c775c0b7e5dff6c37995dee_JaffaCakes118.apk
-
Size
5.2MB
-
MD5
8f37da916c775c0b7e5dff6c37995dee
-
SHA1
9d19ac1a285eda0373d9c33187258991a37678b9
-
SHA256
fa9371c84e1eec53f64bd3953883247894addb494a89a945bd32685e9887bed2
-
SHA512
ce2a618bbcf744c6cc345c3db8af3a4883ca8c9c7565bc61177ce1ffd2940ae7ad361b89c7a36fd29b909243b9073702a59dedd1b343d9ec133b470f66df71a2
-
SSDEEP
98304:7f+K6aOVCGKmE50CW5CLH0az272mBzLDhFLOWTfyJWTsp7aj10WOz1+APU9zRL2e:COoCjPW5Cos2aWzyBxajG7s9Vy0
Malware Config
Signatures
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
- Requests cell location 2 TTPs 2 IoCs
  Uses Android APIs to get the current cell location.
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getCellLocation; process: fang.mp3.dlv7
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getAllCellInfo; process: fang.mp3.dlv7
- Checks memory information 2 TTPs 1 IoCs
  Checks memory information, which indicates whether the system is an emulator.
  Processes: fang.mp3.dlv7
  description: File opened for read; ioc: /proc/meminfo; process: fang.mp3.dlv7
- Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: fang.mp3.dlv7
- Queries information about running processes on the device 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; process: fang.mp3.dlv7
- Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getScanResults; process: fang.mp3.dlv7
- Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; process: fang.mp3.dlv7
- Checks if the internet connection is available 1 TTPs 1 IoCs
  Processes: fang.mp3.dlv7
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: fang.mp3.dlv7
- Reads information about phone network operator. 1 TTPs
Processes
- fang.mp3.dlv7 (PID: 4641)
  - Requests cell location
  - Checks memory information
  - Obtains sensitive information copied to the device clipboard
  - Queries information about running processes on the device
  - Queries information about the current nearby Wi-Fi networks
  - Queries the mobile country code (MCC)
  - Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Defense Evasion
- Execution Guardrails (1)
  - Geofencing (1)
- Virtualization/Sandbox Evasion (1)
  - System Checks (1)
Downloads