Analysis
max time kernel: 7s
max time network: 136s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 04-06-2024 01:43
Static task: static1
Behavioral task: behavioral1 | Sample: 93508e2693621bbf6d2a315d396b3252_JaffaCakes118.apk | Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2 | Sample: GH.apk | Resource: android-x86-arm-20240603-en
Behavioral task: behavioral3 | Sample: GH.apk | Resource: android-x64-20240603-en
Behavioral task: behavioral4 | Sample: GH.apk | Resource: android-x64-arm64-20240603-en
Behavioral task: behavioral5 | Sample: bazhangsdkdex.apk | Resource: android-x86-arm-20240603-en
Behavioral task: behavioral6 | Sample: bazhangsdkdex.apk | Resource: android-x64-20240603-en
Behavioral task: behavioral7 | Sample: bazhangsdkdex.apk | Resource: android-x64-arm64-20240603-en
Behavioral task: behavioral8 | Sample: box_djsdk.apk | Resource: android-x86-arm-20240603-en
Behavioral task: behavioral9 | Sample: box_djsdk.apk | Resource: android-x64-arm64-20240603-en
General
Target: 93508e2693621bbf6d2a315d396b3252_JaffaCakes118.apk
Size: 25.9MB
MD5: 93508e2693621bbf6d2a315d396b3252
SHA1: ad6df290e4c5e1df5062356fef89994fa9f887e2
SHA256: d69f27f8b2e2f7c479bf795e6e53b6f35f3cd3b24fe1c179cf1bf804e4e56e88
SHA512: 13bda3b8141fd2b6e55eec04c5e6e785b89d937ee614af796de4d2a39c1924f9b02548fbfc019bff57ef247f9ff30c1ca9827bc6935ffe007c0738112b725086
SSDEEP: 393216:irFy3tjq5vVTq8X5ngg/6B5lAI5LpIoV2eHXELXS1m/5iNzp4mTlNHkrkTKbDCzJ:33tATb67LxpI4HHXELC1m/mVIQ/J
Malware Config
Signatures
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps): 1 TTPs
Requests dangerous framework permissions: 17 IoCs
Processes:
description | ioc
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS
Required to be able to access the camera device. | android.permission.CAMERA
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE
Network
MITRE ATT&CK Mobile v15
Downloads
Filesize: 6.6MB
MD5: 7f7781704eb5300c5eedd7bc19b1cb5d
SHA1: 1aee8138dacee5e9524d527c6059495002dabc7a
SHA256: 4fe1395f98cf5647382442661ae64fb3f8f5b5503a06b355a88b3499422510d3
SHA512: c962697fe7c699416267cfea6059f815d44eb2bd44472009b5b74e27982d65c590a19d8aa4cb64107d0e0ae825ff4e70d9bf9c9b5dfcae2bb6597a772b536ebc