Analysis
-
max time kernel
148s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240603-en -
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system -
submitted
04-06-2024 19:51
Static task
static1
Behavioral task
behavioral1
Sample
960f321ea40284d2448f74fa084a4152_JaffaCakes118.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
960f321ea40284d2448f74fa084a4152_JaffaCakes118.apk
Resource
android-x64-20240603-en
Behavioral task
behavioral3
Sample
960f321ea40284d2448f74fa084a4152_JaffaCakes118.apk
Resource
android-x64-arm64-20240603-en
General
-
Target
960f321ea40284d2448f74fa084a4152_JaffaCakes118.apk
-
Size
1.8MB
-
MD5
960f321ea40284d2448f74fa084a4152
-
SHA1
fcdcd49a1e27efc3caa1f702e8ab90fa890c9b57
-
SHA256
51a20d14b3b6eca1f88f974f4eb85ccbbd95e6e869434e244b600f9b7cbea4f0
-
SHA512
5076f8aea374878f9e26f3fa381ee8549b14975099f8a5552eb38e2604824ec06f697570f8fbefd5f0118070ed6213f43dfd7238fdb7d18607466badacb87c74
-
SSDEEP
49152:4co+NV20WMDDgH8YRaomEBN3/o0QK73Z5m:4b+SJMocY3BNvo1R
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
Processes:
com.blueboat.justtwopics.hack
description: Framework service call
ioc: android.app.job.IJobScheduler.schedule
process: com.blueboat.justtwopics.hack
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db
Filesize
16KB
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db
Filesize
16KB
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db-journal
Filesize
512B
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db-journal
Filesize
8KB
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db-journal
Filesize
8KB
-
/data/user/0/com.blueboat.justtwopics.hack/databases/evernote_jobs.db-journal
Filesize
8KB