Analysis
max time kernel: 159s
max time network: 184s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 04-06-2024 01:05
Static task: static1
Behavioral task: behavioral1
Sample: 933a80a5bed9442e26c924b9702835cf_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
Sample: 933a80a5bed9442e26c924b9702835cf_JaffaCakes118.apk
Resource: android-33-x64-arm64-20240603-en
General
Target: 933a80a5bed9442e26c924b9702835cf_JaffaCakes118.apk
Size: 31.0MB
MD5: 933a80a5bed9442e26c924b9702835cf
SHA1: dbdee9269147de30b97931587791076b25daf6e6
SHA256: 35de678d878131d2cc49e8e47c95b00959a2ba28965ebd898ed2cf9593d8f2bb
SHA512: f5e5e11d577c2e7c5b119b1e16b29545aead85cd9b6aeb4b86e5454e2bffacc16107be243d51265dd1dabb52a68f7293c7b7d9a6dc37ceda156a7d12bf3c36fd
SSDEEP: 786432:18kvvjaolYeiUtHXnRfYyPuN1LWcfvkvV:18kXjVti4tYyPezvk9
Malware Config
Signatures
Queries information about running processes on the device (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about running processes on the device.
Processes: com.suyuemobi.zww, com.suyuemobi.zww:core
description | ioc | process
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.suyuemobi.zww
Framework service call | android.app.IActivityManager.getRunningAppProcesses | com.suyuemobi.zww:core

Queries information about the current Wi-Fi connection (1 TTPs, 2 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.suyuemobi.zww, com.suyuemobi.zww:core
description | ioc | process
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.suyuemobi.zww
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | com.suyuemobi.zww:core

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 2 IoCs)
Processes: com.suyuemobi.zww:core, com.suyuemobi.zww
description | ioc | process
Framework service call | android.app.IActivityManager.registerReceiver | com.suyuemobi.zww:core
Framework service call | android.app.IActivityManager.registerReceiver | com.suyuemobi.zww

Checks if the internet connection is available (1 TTPs, 2 IoCs)
Processes: com.suyuemobi.zww, com.suyuemobi.zww:core
description | ioc | process
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.suyuemobi.zww
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | com.suyuemobi.zww:core

Reads information about phone network operator. (1 TTPs)
Processes
com.suyuemobi.zww (PID: 4272)
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
com.suyuemobi.zww:core (PID: 4308)
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
cat /sys/class/net/wlan0/address (PID: 4419)
cat /sys/class/net/wlan0/address (PID: 4440)
cat /sys/class/net/wlan0/address (PID: 4473)
Network
MITRE ATT&CK Mobile v15
Downloads