Analysis
max time kernel: 170s
max time network: 134s
platform: android_x64
resource: android-x64-arm64-20240603-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system
submitted: 05/06/2024, 21:58
Static task: static1
Behavioral task: behavioral1
  Sample: 9959c3c4327b1cf84a94f5be5dd7f0a0_JaffaCakes118.apk
  Resource: android-x86-arm-20240603-en
Behavioral task: behavioral2
  Sample: 9959c3c4327b1cf84a94f5be5dd7f0a0_JaffaCakes118.apk
  Resource: android-x64-20240603-en
Behavioral task: behavioral3
  Sample: 9959c3c4327b1cf84a94f5be5dd7f0a0_JaffaCakes118.apk
  Resource: android-x64-arm64-20240603-en
General
Target: 9959c3c4327b1cf84a94f5be5dd7f0a0_JaffaCakes118.apk
Size: 599KB
MD5: 9959c3c4327b1cf84a94f5be5dd7f0a0
SHA1: 190b2c2c041993338583b589250bba2280a3b68d
SHA256: 4ca19f1483983828f566ca9a2ed116b220e84c9ea3116d2662a3a7b9ab3451b6
SHA512: 562f94639a7258054a56faedfa4bdd329748e7fc5ab44010df63ff1ae2fed301104fc4c45855cf240dc18d80010442e9196c433cd7e73263c33f2f71c82f55ea
SSDEEP: 12288:Sy8VFfvSOeXs438+7f4pEG6cHwhYVX2MU2ElzgwjIVO0yfKMSYUTcwg:S3VvS7s04P6aUaX2MOlk08yS9wwg
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.appgamefree.camerafx

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) (1 TTPs)

Queries information about active data network (1 TTPs, 1 IoCs)
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: com.appgamefree.camerafx

Reads information about phone network operator. (1 TTPs)

Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.appgamefree.camerafx