Analysis
-
max time kernel
13s
-
max time network
160s
-
platform
android_x86
-
resource
android-x86-arm-20240514-en
-
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240514-en, locale:en-us, os:android-9-x86, system
-
submitted
03-06-2024 07:41
Static task
static1
Behavioral task
behavioral1
Sample
90fc7aa870a2ee94981fd5406b4cc9a8_JaffaCakes118.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
90fc7aa870a2ee94981fd5406b4cc9a8_JaffaCakes118.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral4
Sample
bdxadsdk.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral5
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral6
Sample
stasdk_core.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral7
Sample
stasdk_core.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral8
Sample
stasdk_core.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral9
Sample
base.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral10
Sample
base.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral11
Sample
base.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral12
Sample
bdxadsdk.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral13
Sample
bdxadsdk.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral14
Sample
bdxadsdk.apk
Resource
android-x64-arm64-20240514-en
Behavioral task
behavioral15
Sample
gdtadv2.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral16
Sample
gdtadv2.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral17
Sample
gdtadv2.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
90fc7aa870a2ee94981fd5406b4cc9a8_JaffaCakes118.apk
-
Size
16.0MB
-
MD5
90fc7aa870a2ee94981fd5406b4cc9a8
-
SHA1
74de96a52a0300bf4f842427d990c72462216cc0
-
SHA256
444bc8f17d282f8e830de8e324d6e873e57900d15c66b6e33d275b9ecc48538f
-
SHA512
5eb50c4c18d4e6ddf58afcae1f09d669c80394fa8525c0c60e10faab9cfa38beb8ee52e33955ef37fce806c7d6777e0b3f0892b0287b98f86a0dfeea4f6231d8
-
SSDEEP
393216:YuvreYLsqOowfz66DpCFDQWPaU4bjrOlyoC2WrUAMGV:YuvradnBSb4aa2Wt
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.companyname.Space_Program/files/stares/updates/sta.jar --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/user/0/com.companyname.Space_Program/files/stares/updates/oat/x86/sta.odex --compiler-filter=quicken --class-loader-context=&
com.companyname.Space_Program
IoCs:
ioc: /data/user/0/com.companyname.Space_Program/files/stares/updates/sta.jar
pid: 4390
process: /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.companyname.Space_Program/files/stares/updates/sta.jar --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/user/0/com.companyname.Space_Program/files/stares/updates/oat/x86/sta.odex --compiler-filter=quicken --class-loader-context=&
ioc: /data/user/0/com.companyname.Space_Program/files/stares/updates/sta.jar
pid: 4288
process: com.companyname.Space_Program
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
Processes
-
com.companyname.Space_Program
PID:4288
- Loads dropped Dex/Jar
-
  getprop ro.board.platform
  PID:4322
-
  getprop ro.mediatek.platform
  PID:4342
-
  /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.companyname.Space_Program/files/stares/updates/sta.jar --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/user/0/com.companyname.Space_Program/files/stares/updates/oat/x86/sta.odex --compiler-filter=quicken --class-loader-context=&
  PID:4390
  - Loads dropped Dex/Jar
-
Network
MITRE ATT&CK Mobile v15
Downloads