Analysis
max time kernel
166s
max time network
183s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags
android arch:arm arch:x86 image:android-x86-arm-20240514-en locale:en-us os:android-9-x86 system
submitted
02-06-2024 20:39
Static task
static1
Behavioral task
behavioral1
Sample
8f597dc7ae1b549876e7240b3e6d3309_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
8f597dc7ae1b549876e7240b3e6d3309_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
General
Target
8f597dc7ae1b549876e7240b3e6d3309_JaffaCakes118.apk
Size
4.1MB
MD5
8f597dc7ae1b549876e7240b3e6d3309
SHA1
67b97c6d307e3c5f8fd670cb6ae34e4699d2ace9
SHA256
7962b0baad5e81522ab16b4914c2f3c33a6dfe7a5202d0cb0d825a7017d8e675
SHA512
4fb74a74d151e748ba1ca9cda47b77f144aa50e67e7aa342a87ab9a97d0c1a9ac3db4c71d0f381288388aa14ff4fb6aa96d9e4cbdfeb489f3756c321fe1c3c38
SSDEEP
98304:5F34YtxiNIi8N55ZX70NKUroqyQ/ilEA5oJwfqXcfgL2AP4ZL:5FJsN2QNKUAlPoJMqX12APm
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information, which indicates whether the system is an emulator.
Processes:
com.taptap.app.xzuj0b
description | ioc | process
File opened for read | /proc/cpuinfo | com.taptap.app.xzuj0b
Checks memory information (2 TTPs, 1 IoCs)
Checks memory information, which indicates whether the system is an emulator.
Processes:
com.taptap.app.xzuj0b
description | ioc | process
File opened for read | /proc/meminfo | com.taptap.app.xzuj0b
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes:
com.taptap.app.xzuj0b
description | ioc | process
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | com.taptap.app.xzuj0b
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes:
com.taptap.app.xzuj0b
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.taptap.app.xzuj0b
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes:
com.taptap.app.xzuj0b
description | ioc | process
Framework API call | javax.crypto.Cipher.doFinal | com.taptap.app.xzuj0b