Analysis
-
max time kernel
47s -
max time network
148s -
platform
android_x64 -
resource
android-x64-20240603-en -
resource tags
-
submitted
04-06-2024 10:50
General
-
Target
948eeab43bea60c4e20bc245f76ef785_JaffaCakes118.apk
-
Size
7.0MB
-
MD5
948eeab43bea60c4e20bc245f76ef785
-
SHA1
fd675e8cd919e2058d6c3b14aad80941e2fb5e2b
-
SHA256
503b25751fb6f59b2848bebb8739e98f8dd9d6b9b4841ecfe62c1ca771d1c2f0
-
SHA512
73a4c4b4739bce6de97a0fc0a97852ae910adfcfd0f0a56a1c52a04ea34d046005a5d7bc081999a78add792a35299b4a1424068a864d38af848ce35b67f1e40c
-
SSDEEP
196608:AVqjLxqDzak3eFm/KuEOq6vRyRS46f+AVBR:AI0Pak3eFm/KTONgRra+ArR
Malware Config
Signatures
-
Requests cell location 1 TTPs 2 IoCs
Uses Android APIs to to get current cell information.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
Processes
-
ir.ronak.ghazabasibzamini1⤵
- Requests cell location
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about the current nearby Wi-Fi networks
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
9KB
MD5e8e0527a01aefdb89afd2c508f131da1
SHA1f1103e6b260c657ceb3d95f1b023af3fda8b133a
SHA256f809447486f89fcaa74f87e06d126d103d37eb2b3157e88f2c06d989b2c284ce
SHA512fb53683a83f1068d0f94567b156e6a8910c45b1b5f33db919f7e0b9c55eab28507a235ef76d44d5b549599ea3b54dbc00496a633339d276a80f395da938d6d34
-
Filesize
4B
MD5098f6bcd4621d373cade4e832627b4f6
SHA1a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
SHA2569f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SHA512ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
-
Filesize
24KB
MD51abcda6a809a2f4f08027a16cf1c51c1
SHA1c1ea388813a6c6b7ed922cbc4fb5860030c9981e
SHA2561567635e81fb152e8b5469972fe4c26d58614a425e7472d9634600513cb15c1c
SHA512f09633c3512f73287b7faf7cc18a1f740c9c0a6ebaaf8504cbe692d14eaf92e673ac32d476d4baf9e93a6b2f5328dcf3cf4fa9c4fed204099849e417e3c7d00e
-
Filesize
512B
MD5886a3b7241121bdd026758d6a16df90c
SHA1d53c0820265f6facca02135fc4422e9bb1063344
SHA256124558da8a6d616c6874479c702bddd41c5acc09fc02339d0d69cf1662bac13b
SHA512b3ababa5e22e5812ad9d4b880a6f7b073187ba76425c83bc7ee5a583a7c3f7bdc9dacaa3beb4d056ba24805cb351aee0f52622092c70a7445873f426a24299db
-
Filesize
8KB
MD5881e50ecf65d61bd885bbe6cc1aedbfa
SHA1ad72cfafc5c90b165c19deed00f0db208c2a1fb8
SHA256677f43d1eef734bd392427941ef20875e5c5bebd67d0ebbe1ffe5b520993227d
SHA5122d69a8509c9d7c69b5a471670c009be033ac1a09f0713a29061920770ff072bcf791008f69889c6e6fe9901729de24e531212d5850027d61c3a7d8ab29f62721
-
Filesize
8KB
MD5a0fcc48a58ec30b2ef2d0c43adfa05be
SHA1a58024047821300f038462a4e5b989026001a6cd
SHA2568ab23467a24a7461e9896c08b73cd2dff94ab4025c1df6897e7a2f65f9965a86
SHA512d54d07771d5260d98a83d0d1d7d29277335efea17f970832250ee6ce0c6bdab300037444cbbcf8aa0174d865a22a06481c8d585935f2df51cad9a93b1b35366a
-
Filesize
8KB
MD5254840e26efcbc73d30fb5b385e04341
SHA119721c8c3c507446caba91ece470bf632c743977
SHA2569cb559bfe7da993ca560cfea9f7e5396eb9c5ecfe19d0740a03b7e99ecb1dc61
SHA512c39b745e55aafd9aeeac7503caf32d65291591f382941fb2ae6e8cdd65e8c482993d256ad3e3d184a1ba8fe0037f383052fbf305a977a5c6e63057d9f8326a5e
-
Filesize
8KB
MD5bbd11b4f199b2cabe88b157dcfe0b65d
SHA10ef5283d2958680483104a6a72c3687031342715
SHA25641d0d175843d03bc99ed2b537efb0a12e1ce23a48a261ee7c685914a98e3070d
SHA5124a12d3f972174160483f854ab6a86f5f79eb5fea518e321b73e332e87992b15670afbdf151314eeeaacad7703afd8175cbadedd4daa4cba24e7dc348a90bcab7
-
Filesize
24KB
MD5b1bf81ee10909749e59ce8d18a572a54
SHA16b775ff52977ee953447a0058e69173a287a0671
SHA2560019efb4b01478cec06db51035cd7277e4ac8ac3896b5a68f2f0e39e30264aef
SHA5121082e7b095b85e8fca4edb40e7a629890347e0916bdd7166f75af98dfed91b63c738c3b6e71fba7fb3cb022ac49d1661b620528baaa56eb19082e19ce71f98e0
-
Filesize
16KB
MD5e2282956bf33243e0e6d06d5b8dc9189
SHA1fcc2b5cd995ff797a5fcc99e884f1100f8a6f307
SHA25642fe96e74362f3d123f3e4359d4c09d6c02346eb7abd7806d85e7573789e0116
SHA51271a1923dd49465e1095057f80a8920462bc6b881b35bb04b9e85e9a92f0394367c3c885d3248775ca9f146641e86a5af5a61d98c1c1aea3e064d6d0dfadf2a31
-
Filesize
512B
MD59eb1858a371311c043b33c7af7c65d8c
SHA127c73b56ea17c64ed2fc86049637d04da5155fa8
SHA2562fac58e2bcd00b7063bc78c08e8b6e63e62ce6fc5c14d798f41385b1a852d7be
SHA5121b3348be7d1f24cce4a25b4a56e2c86aa77e8718346afd6794f15d9c3b60888ee76c768ebab6932e8fc56f0ce183bdcf53fd4ce24f25225fa47545df1f8757ef
-
Filesize
8KB
MD5afd39b3e45719116c5c4d9d0c156413b
SHA11be3caa2ba7686e0b61d4058999f2d97ce0bde28
SHA25688eaa201d6b4c83bed3f4a72894d269541b2b024feba0c4c99955f8a85eea076
SHA5127aefeaf71eb5decbcf5b3a2e44b24d7df92859ded79f7a181d7b2c322ab544f76e8e0705b0111adc71b16843b151244f01fc222f36c10a68f7c01bb9829fe5c9
-
Filesize
8KB
MD5ce6ca1387569c9edc5b867202e5135a6
SHA1b315a79e32e1df823baaf6beac27835667282674
SHA256c08419170ade06dadf96a67f36ceed82cdcb224aef373e8ce37ef31b904e6d2f
SHA51277c6427613d2466df9268506b925aa5d6ca1779a3b26d2b24dcfaa46b7872e023ee61e3c72a191276cbc85c58409b7563fdf98713aa02ec37ca0b84cdfc18696
-
Filesize
8KB
MD55a074b9a4623751e8e7f819eba1e774b
SHA1ffd574f53b3467017c734c4e73312dbd4b3b2da3
SHA2564e7a25905cfdf0a1b7abe2074ac55238765ca9ae4ba81f2bdb1cb064ba922aa0
SHA5129ab40b2a2d3c44b95f18b9973224ee23139e173fe9450f900c3f6d8e3efd54b22366e9965b4e5c5d357879737207c7121f11c6ce208aabdfc64d24a3b4e12743
-
Filesize
8KB
MD5b16e4cc659371c4d4ccf0e52d964b719
SHA18999405101451054c4a03134dbb63ab19676f9f8
SHA2560a72ec0b68c545da39539318adff5f38554ad6daf52ac860df7bab5ab537398c
SHA512aa5e61b0f68155cf68153d0a95f57240844348bd0d4ef52278dbb99724856a57225bc790586b65d6e09fa7f51a89413ba8feb7c6c660b5c77eab2d02744163d7
-
Filesize
8KB
MD5b98c8d577ac6358835f875a23ecbbe8a
SHA1bc7223a4f39cf6eb9461ff7d5012054d5f3ee345
SHA2569568452dc59381d9693c9696dec5fc07b6d532e8884e105da7f3422060ba3e17
SHA512a6502b426af8a50dcc5247d17b8c77f322f790e381fece723e2209eb6c67ca16e926e9fc740bb2b9dff30e91d750c29b1f4c145807a3e26b8d7d9a8f5c8d9b49
-
Filesize
16KB
MD5350d690a2ccfb34f923a6e66197c4467
SHA1426a4aaac4bcac9fb133ea4d708df89bdcc1afc0
SHA2562c2b0afcfcd7d475d9318daec4c8d97c9dceebb22a9829816f2376690adbc740
SHA51259499d9087202b4e8e1ed83001565ffd5b06e2fd3a6db772cb176c79679fe820dd8a6665851163cd6a53bbb12eac52815bfeab411cc1ee3af16322c201421418
-
Filesize
16KB
MD5602491861d4e0be3142bc2d26a1a7e1e
SHA183fdf2960db85eff1a2481ca2133da4f83073ae9
SHA2562b4f0c2c1d3faa6636cb3d794665aa222669b63218d822a51a9e27f896784704
SHA512339ed10e56a9dc5c341214b611d78d702a52aa06ee26d4e0854c6524791adda9149e45135c2d0833d4dabe9f55f7a3073e5f0521cfd3e4c3e9f4f976b0e00464
-
Filesize
16KB
MD579e0647df15a6fcff5d01d9fef023e0d
SHA1b2ac4519ecfab191ed31273144310d6291a70ed2
SHA25680d106d001545a19de02bcfe1563e6a89001aef85185205c62f1906d5c612a80
SHA512fabd438b3c93a642fae65437a3b2e939f8ff23e449b6fa91673705dc4bc04abbb06e14e48f1679306509b26c1732c1291d375f5312c1d2e241b1c3118dcf3175
-
Filesize
16KB
MD53ce671ebd43d9fd9b5c5f9609efed66b
SHA11a2c9f3e7cf404d4d513ad276a388fb3ce7f15b0
SHA256bed1563d66259f2066c68263dba06ed3c23ecdccd6583227a6335fb19cb56c1d
SHA51257eca224777bc66b375be7b62a8a0ac61c940621830611e8f54efc4701e6ae6fdb29bf5950cd8eabc7c8573a01774ac6fff38c12037abd5b7ecf97c228f55d37
-
Filesize
16KB
MD5d2845eee747d763d7fcd0542c31e4578
SHA1e3c77884173f1d760fc4af130a3572094aefea10
SHA256acb3d51741d0541bede39514a7eb7329b793164de404bd840abc165ce01a1314
SHA5128e116650ded8ca5087671390b11811512c72b1d235fd8228d7e6952dacaf4df79380e6f0be1b5568ac831696956a615f6ee0247d138c271ed042e91cf6b6e218
-
Filesize
16KB
MD5eb52a90bb70b76e946b62f50b6f7fb85
SHA142d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0
SHA25648472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4
SHA512b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c
-
Filesize
8KB
MD5aebc50cf950d359c9154c7c91acaebbc
SHA1046356665b8a592bb38d5f4310dda1cb7b055c40
SHA2568a3ddc39c9577e4b3e374ff070015bf657e34e8f4809de5a109e2e4d5d00028c
SHA512c6208154cd123caec8c6aa73b16cc023240290763dd77a63ed9d268c3fc19da068b9374ced9c16b7ab8dcd20ab7565c27bbd55bdc314168579eb48f72092c967
-
Filesize
512B
MD5b3fac2847e24f23f7e68a1de7b80aa05
SHA1abe2f38daf52cad31e91d808096a91116b1952d3
SHA2561d88953782511c0d35255f529dcf31d0bb1a8a6769661d70d2bfcd59046947aa
SHA512e1ff43e409bd05aa0ef78d434e09250e09b8d7f4461aef8d361e07abe80e1f74539cf1dcc4cef5b3dedd831c44d06b78d3a47ef34f1d596fa72658d6e23cc384
-
Filesize
8KB
MD536dada496b37c7463531c81b4dc09b6a
SHA17a675fd6f106b3329b2457a60092ce933ebf88fd
SHA2569b628a75a30039e1d9015fc0511fa5fbda0d6addba6cc2649599e1610e553afa
SHA512a71ad6741279f6476850ee9d68a9c194a05e33f6f71d3a105750c920cc6bfcf74eb9c083e7f8bcc269178b9b6f38881f4778b81eb435d270d7fbc36f52af3b27
-
Filesize
4KB
MD5f8b2d1425912556822823ec0325d921c
SHA10dfc035579a9681ddd458aee8ef93df9e41da496
SHA256ac1f61a9beceaf89c998bf857786a7783663753edeee659a0b71b728cd1e114d
SHA5127986847a2bbe6365884d65350462fad3e3648bbe31a57ed1446ee86af6d977d5db35919b6fa8bbe1b66aa1f7b1e7108608eedff0da809eeab1a01475dc84dc51
-
Filesize
8KB
MD5d2fe8e997fea634353a7722b2dce9e39
SHA1eea9fc8629acb7492ccb479627253327ffccbcf2
SHA2561d949c8a9d4d4615f89f31d2f621419f935686dc542be0698f0ee8fbe14330bf
SHA5126883dad76e9208b64de9d64076449513d18a9994efb184f34ca5bf1d381ebfa32b611c36c1bd522d1ecadf6c8e2401589fa29314cc6657ff54377a0c8357b291
-
Filesize
8KB
MD58b611750646b10b1bca74a4ea7095705
SHA1e7d9a91713ab1393d53365bfa87736aad170b02b
SHA2567c94dc0cb13ead9fdf493f57e373677a78969179d289d62df26176450e6687e9
SHA51242e2ba78cd18a4426e06b288ab36042b0de9c6dbd9ccac3ec0603fcba99f82c96e5165d62313e843ee8ddd999d14302dd0a203be7a7f60ea910593c3688e5c4e
-
Filesize
11.0MB
MD53ee9167ca71f1ac8d3195bbfac42a159
SHA1dba0c1c007870a1ed7824459f2e4bfa45927934c
SHA256745c538ad35c680a7a4cfbd4340d5f0944e7c703d48f7dcab13a0077121d5184
SHA512289ca38f05575c97aa138a2787ed86555c7fb2ba12885297556f85f69157c836d87178e31110b570419bcce2946403645fc06193e97989f63fdfdbdd1bc63a00
-
Filesize
2KB
MD587393c22d5e79692a4452285d1222923
SHA19d0dc5e672ebef88e210da31ce21b81baa6e2cea
SHA2567d9afa897df0027e090a14e17c347fd63f826c4022a7fa44d5ced24575c24cf4
SHA512b67a492bfb7a1a60ba40b492b805499515555feb0db0b8a43cbb7a9fb566a2b3a07d1ba1c9075f7cfedc0de6c2cb33911e1395f5faae507b4f708cc67476b4c6
-
Filesize
20KB
MD5fde2ee00cbd121cfab5290b078aa3ceb
SHA1e2b77d5320e155e413d040a8c20020962065b2f8
SHA2562897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685
SHA512a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56