Analysis
max time kernel: 63s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 04-06-2024 01:58
Static task: static1
Behavioral task: behavioral1
  Sample: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
  Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
  Sample: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
  Resource: android-x64-20240603-en
General
Target: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
Size: 5.4MB
MD5: 93577b03dbb1214799afde46e44658f4
SHA1: 2c3cd7411a649d0a63fcf31a948d8068e8e70427
SHA256: d2fde978c2a430642d7a6a1b5f752b34595080dc21ae6f863379faa5f2b712c1
SHA512: 1d3bb4e6da7995e08f05f45f7955f4c3227f3d27d5eeea84b09298a56db08cc25887c3d3eff28f073eb35419f72eabadf3466826f898243b9758c42b29535e60
SSDEEP: 98304:lcmNYhFN8dvUgEpb8M0BF1hba9gLw4C1foG3iUTcguZYVpX5afdhqZ:KVkvLEpbuBFXaIwt1fZluDHqZ
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoCs)
Checks CPU information, which indicates whether the system is an emulator.
Processes: com.bjfxtx.zsdp.superdist
  description: File opened for read
  ioc: /proc/cpuinfo
  process: com.bjfxtx.zsdp.superdist
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.bjfxtx.zsdp.superdist
  description: Framework service call
  ioc: android.net.wifi.IWifiManager.getConnectionInfo
  process: com.bjfxtx.zsdp.superdist
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: com.bjfxtx.zsdp.superdist
  description: Framework service call
  ioc: android.app.IActivityManager.registerReceiver
  process: com.bjfxtx.zsdp.superdist
Checks if the internet connection is available (1 TTPs, 1 IoCs)
Processes: com.bjfxtx.zsdp.superdist
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  process: com.bjfxtx.zsdp.superdist
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
Processes:
  flow: 6
  ioc: alog.umeng.com
Reads information about phone network operator. (1 TTPs)
Processes
Network
MITRE ATT&CK Mobile v15
Downloads