Analysis
-
max time kernel
123s -
max time network
175s -
platform
android_x64 -
resource
android-x64-arm64-20240603-en -
resource tags
-
submitted
03/06/2024, 14:04
General
-
Target
920dee95fd5c7abfc8b02238c319978d_JaffaCakes118.apk
-
Size
3.8MB
-
MD5
920dee95fd5c7abfc8b02238c319978d
-
SHA1
8cd9cedef3ae030784246d444dc69a3cf09bfe56
-
SHA256
dd3e5ebe3b02288621fc007fd8fc9bb69217b560d9f5fb7e1ccfe32344401e4a
-
SHA512
b5e9b0ba3fc574497c20071d0160221bd8aef0a2c916af0e5b00472de6e7ef755a9629efcbd254b7c9d82d7e1ad8d0300f46681871bafda00d793f9d2e62d018
-
SSDEEP
98304:up/i14ktIKMkDqTjtN3e3fX+chy59WmNCqFPhscN:uhi14ktIKR2THOPuoI0mEq3scN
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 5 IoCs
-
Checks known Qemu files. 1 TTPs 3 IoCs
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes. 1 TTPs 2 IoCs
Checks for known pipes used by the Android emulator to communicate with the host.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
com.crabandwhale.imgtexttools1⤵
- Checks if the Android device is rooted.
- Checks known Qemu files.
- Checks known Qemu pipes.
- Checks memory information
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
245B
MD552528b3ebfcc0f33e7165b2d516645e2
SHA13a75ddb0f67e50324ab43b1f6ece341c323b15c1
SHA256b7d1ad15cf544947f0eac1ce7ccf108f287ab9805ab3fd3441cd7075fed30791
SHA5123dba37f19579bc54f22ab2463e987a8951406490d18da386c61fa6a62695277619b93f8136b782ee09c92041690d1ee033bb233845404419e291ad3d87c764b2
-
Filesize
58B
MD50d210bfb2a0e1f1b4c082a6a0f79de07
SHA1bb8ed9e364db79d1d9f2fcde3f15091893222faa
SHA256988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d
SHA512536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1
-
Filesize
52KB
MD5314f5112f03c2b3532919c8fb48102ff
SHA1bc879da3b9750fca2a25acec4353bb70ecf58f38
SHA2565d76ffc7a9a7050419531eaae2ef04177841a08080e811b4b5b367e9b40cc157
SHA5125f8ab795362a2a3d6a2a9cf6f4b12a4635e3fa6082714cd26929fd3469d7018c88f35f50c73e2fe13b0c6cfcf7899a41eca7f628ccb2acf7fe3e4962ecab546c
-
Filesize
8KB
MD5e16b4e52ef0a03edf5e5bb069da6ad5e
SHA1f52bd4d9eeb57d71ba08333d397d36f87183e2e8
SHA2565009183bde3c72b92f0a08615e83fbbeb1e68a15f14a2e330b44e1b033554efe
SHA512c561402d9ea587ec8079efccab0fbe8b18924b1a6413740b5b6cfa558f44483622740726d0db3c434a89b84f73bc098dde80acc62cf4b10210a9961bde171e87
-
Filesize
8KB
MD525958bfdce198848b28f8064e68388fb
SHA12bbce0f891cc499baf79cac21a0e65d5666424f1
SHA256abab250391dbeae5a4ab3032a3fb20f9f9aba83a76bdd75cc758a4e2e1ee9afb
SHA5120eab8becd2bc618d8ac2fbc88b0ac0cc9dafe96e594bb1d74e92892e95af0e738297f8b621f65a2302b891a4dd800915b2e1425e3abea148cc78feb8b3236ac9
-
Filesize
512B
MD504e7b42290f16d3ba5e91ca7fa9327dd
SHA1145d167fc94eab415087a9764e42fe9f84229a0d
SHA256aedc7b85b2f03ca2c00a928e81a440aa92723bb30cfcd7357087a5faec80ed5a
SHA512a8bbeeda9292d1d3c5a425a4df0d9c6e9148b038036488786699131643793b5d4bfc57ddabae5c4893f21ae19dae5ae2040c8c0dc1a7f36772dff6695eaa821c
-
Filesize
8KB
MD5bd60b820ff150abdfb9b6f6d5d17eda8
SHA10549e3e54089362dd32c1e0103331f80cdc4d329
SHA256dd48b82b0dcc7ac3692c8bf6cdd74525f1534da015e1237c10fb446697528c0a
SHA5129fde194982ce66a1fef31452bf1ba68c23bfdc799288457c72d206fd79d4cfca8fb7daf4a148bbaeb90cfe9d9e1f171fe47862f29ee4bebf7e4492d753292e60
-
Filesize
8KB
MD53656b0cc70bc8c19b3baf604ddb354f5
SHA15f7c032d95de48d3ab5a3aa482dcb0e2c7f7207b
SHA25606b0c2e264edf1262f8ecf5d40f0e5f0a8189a05e64e1f1316a78254c6f897a0
SHA512d59350c7beacfd4a76a1e778ef2f7f1fde2e771b110f678582a73dfd5d6363cf15a77ba0087d62edb7c28381544e96c8a0a534bf36e82a7f138d682fa6ee7ff1