Analysis
max time kernel: 65s
max time network: 131s
platform: android_x86
resource: android-x86-arm-20240603-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240603-en, locale:en-us, os:android-9-x86, system
submitted: 05-06-2024 16:58
Static task: static1
Behavioral task: behavioral1
Sample: 98b09f1db7095fbebebba9a9ac7bea1a_JaffaCakes118.apk
Resource: android-x86-arm-20240603-en
General
Target: 98b09f1db7095fbebebba9a9ac7bea1a_JaffaCakes118.apk
Size: 5.9MB
MD5: 98b09f1db7095fbebebba9a9ac7bea1a
SHA1: 3631a9c2bc108b6291a5a9e4c460576000a2e112
SHA256: 1fb042dba160e40ddc3e3afeb9f13c11a35cc147f9385cdf461c5ff652384fa0
SHA512: e361c3a4564c67104ebaed666e8860f3b17fa06b6d3172a7592ba2e6b3e00af13fa1055c6653ccfcbe630fa58fded4d585ba5a341adddd85356e03df7cd9e3cb
SSDEEP: 98304:iu49cpmPs18QnopLyclCab/UKEHlXwD0lZWbJoYgkDmjjb3uzyr1TjLPGm7vb2:M9lY8Qopyc9OHNRjWbJo3sEayr1HR32
Malware Config
Signatures
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org (1 IoCs)
flow: 6, ioc: alog.umeng.com
Queries information about active data network (1 TTPs, 1 IoCs)
description: Framework service call, ioc: android.net.IConnectivityManager.getActiveNetworkInfo, process: com.gamebox_idtkown
Queries information about the current Wi-Fi connection (1 TTPs, 1 IoCs)
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
description: Framework service call, ioc: android.net.wifi.IWifiManager.getConnectionInfo, process: com.gamebox_idtkown
Reads information about phone network operator. (1 TTPs)
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call, ioc: android.app.IActivityManager.registerReceiver, process: com.gamebox_idtkown
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description: Framework API call, ioc: javax.crypto.Cipher.doFinal, process: com.gamebox_idtkown
Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read, ioc: /proc/cpuinfo, process: com.gamebox_idtkown
Processes
Network
MITRE ATT&CK Mobile v15
Downloads