Analysis
- max time kernel: 8s
- max time network: 159s
- platform: android_x64
- resource: android-x64-arm64-20240514-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
- submitted: 03-06-2024 03:40
Static task: static1
Behavioral task: behavioral1
Sample: 906c6315bcbfd9b1e8a8e1216143412b_JaffaCakes118.apk
Resource: android-x86-arm-20240514-en
General
- Target: 906c6315bcbfd9b1e8a8e1216143412b_JaffaCakes118.apk
- Size: 10.0MB
- MD5: 906c6315bcbfd9b1e8a8e1216143412b
- SHA1: 11508442a9f64a96241ca6de9298bf06f8498f20
- SHA256: f636b73f54e43566fd4720cd6c29561b881223d7aa9347a9f7bb74da41cecbba
- SHA512: 6c8a884e2a26523d3c9808f0a4d2745f1189a44234c453ca70e3e12e16072f6b1e69e4844a7ab741f0041ebfca65b3bcbce7a74e2cfc823dc622c508f275fd70
- SSDEEP: 196608:uPycIyOk4wPw3Z9i9Pm56Vois24UrESVBWGXyWJ6JUiVvuvYnV:Cxb6wPWZWM6VoiJrtPWGiWJj8
Malware Config
Signatures
- Checks if the Android device is rooted. 1 TTPs 1 IoCs
  ioc: /system/bin/su
  Process: com.gypsii.weibocamera
- Checks memory information 2 TTPs 1 IoCs
  Checks memory information that indicates whether the system is an emulator.
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.gypsii.weibocamera
- Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  Process: com.gypsii.weibocamera
- Checks if the internet connection is available 1 TTPs 1 IoCs
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.gypsii.weibocamera
- Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  Process: com.gypsii.weibocamera
Processes
Network
MITRE ATT&CK Mobile v15
Downloads