Analysis
max time kernel: 123s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 05-06-2024 16:43
Static task: static1
Behavioral task: behavioral1
Sample: 98a9162c74f5c71d344cf69635fb3709_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en
General
Target: 98a9162c74f5c71d344cf69635fb3709_JaffaCakes118.apk
Size: 19.4MB
MD5: 98a9162c74f5c71d344cf69635fb3709
SHA1: b7a93be163d5cde164ea012bca490ecb97a59ce2
SHA256: 1290669536c842e48d7825cf7fa302c937aac8c919b4f585a9411103eea794e4
SHA512: e5cd5f7d889e9c94f2b5f4dfd39dea7fbd65b2864b79aa5047555f195323b87af4b3b3d0b76cd6cc7175268bb00fb27cceb2a41d6955f306470faa2cd1308556
SSDEEP: 393216:tVZhDyr5xQxfQpmzS2RHgaSmU/fuzT309HKpPUzRZ6:tVmr5xCQ8tdU/fIQMkRZ6
Malware Config
Signatures
Checks if the Android device is rooted. 1 TTPs 2 IoCs
  ioc: /system/bin/su; Process: com.estrongs.android.pop
  ioc: /system/xbin/su; Process: com.estrongs.android.pop
Checks known Qemu pipes. 1 TTPs 2 IoCs
  Checks for known pipes used by the Android emulator to communicate with the host.
  ioc: /dev/socket/qemud; Process: com.estrongs.android.pop
  ioc: /dev/qemu_pipe; Process: com.estrongs.android.pop
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
Queries information about running processes on the device 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about running processes on the device.
  description: Framework service call; ioc: android.app.IActivityManager.getRunningAppProcesses; Process: com.estrongs.android.pop
Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getScanResults; Process: com.estrongs.android.pop
Acquires the wake lock 1 IoCs
  description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; Process: com.estrongs.android.pop
Queries information about active data network 1 TTPs 1 IoCs
  description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.estrongs.android.pop
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
  description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.estrongs.android.pop
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.estrongs.android.pop
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
  Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
  description: Framework service call; ioc: android.app.job.IJobScheduler.schedule; Process: com.estrongs.android.pop
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; Process: com.estrongs.android.pop
Checks CPU information 2 TTPs 1 IoCs
  description: File opened for read; ioc: /proc/cpuinfo; Process: com.estrongs.android.pop
Processes
com.estrongs.android.pop
- Checks if the Android device is rooted.
- Checks known Qemu pipes.
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
PID:4296
Network
MITRE ATT&CK Mobile v15
Downloads