Analysis
max time kernel: 64s
max time network: 185s
platform: android_x64
resource: android-x64-20240603-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
submitted: 04-06-2024 01:58
Static task: static1
Behavioral task: behavioral1
Sample: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
Sample: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
Resource: android-x64-20240603-en
General
Target: 93577b03dbb1214799afde46e44658f4_JaffaCakes118.apk
Size: 5.4MB
MD5: 93577b03dbb1214799afde46e44658f4
SHA1: 2c3cd7411a649d0a63fcf31a948d8068e8e70427
SHA256: d2fde978c2a430642d7a6a1b5f752b34595080dc21ae6f863379faa5f2b712c1
SHA512: 1d3bb4e6da7995e08f05f45f7955f4c3227f3d27d5eeea84b09298a56db08cc25887c3d3eff28f073eb35419f72eabadf3466826f898243b9758c42b29535e60
SSDEEP: 98304:lcmNYhFN8dvUgEpb8M0BF1hba9gLw4C1foG3iUTcguZYVpX5afdhqZ:KVkvLEpbuBFXaIwt1fZluDHqZ
Malware Config
Signatures
Checks CPU information (2 TTPs, 1 IoC)
Checks CPU information which indicates whether the system is an emulator.
Processes:
description: File opened for read; ioc: /proc/cpuinfo; process: com.bjfxtx.zsdp.superdist
Queries information about the current Wi-Fi connection (1 TTP, 1 IoC)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.bjfxtx.zsdp.superdist
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTP, 1 IoC)
Processes:
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.bjfxtx.zsdp.superdist
Checks if the internet connection is available (1 TTP, 1 IoC)
Processes:
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.bjfxtx.zsdp.superdist
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoC)
Processes:
flow: 6; ioc: alog.umeng.com
Queries the unique device ID (IMEI, MEID, IMSI) (1 TTP)
Reads information about phone network operator (1 TTP)
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
Filesize: 594B
MD5: 05a2cceff0f99f1eb2dad58cbfbe885b
SHA1: 598e5402121fab0eb123a1f5157298d6c44872bd
SHA256: 6ac086eff29e504f5c770a4d8099fe4fa5879a183ce26aea909aaa9b1c2155c2
SHA512: d9e7723f5eff045d1d1c1bff97512e0fc787951d70a79011196d27ebaa68db9ac021c5baac1e654425d4f9d48233cac1d9d327469b837a2dd09a08794e505512
Filesize: 162B
MD5: 250e8ebc3f848bccbc2b69987df9fc69
SHA1: 0852d704c6098c047ffe49882291b89becd38285
SHA256: 0fc1fa7659189ac58d206fd6d101cc2bfc12fe9103b62fad0af1ec7903961974
SHA512: 0a4c4ca999b337a5ee8859fb499a5c4e9eb2711ef09a5a8d4f848e0ac11bf393f93cc2fc9de05c9f72ca8fa051f1502e883fc981645224fb88f3b30afd08b0bc
Filesize: 159B
MD5: 08dbdd0ec6b00541e7a13a8060901d3b
SHA1: 4a5bc775076020f87a9c0f9ed763a9ae40a75d9e
SHA256: b3629a27cb97952e41b290b481edf0cf3b63be8fef94bf95ec7cd63dc02e688b
SHA512: d1985335613714867fee5e319d927f238faa703813763c8b3d53243e978090e5c38d36aa63282a417e84d7479500c0d497cae12b625f91d662ec972515452709
Filesize: 245B
MD5: b8a9c712ed9ee4318c9a8aa86d0c1a52
SHA1: 14201abc45f846e1b97248134983069c6cb59078
SHA256: 767bcb1b844c83bfac02d5669e31b4f1e01b08d555e368624eb05157e2f27cc1
SHA512: d21356cc4c0f12b110ff536a128a43b7bef1196d6474fb37ca343db90c79c977ec7b6501599619f0553c0fe7e111f98fb28fdad585b874cac2904920ef48cfa4