Analysis
-
max time kernel
51s -
max time network
188s -
platform
android_x64 -
resource
android-x64-20240611-en -
resource tags
android, arch:x64, arch:x86, image:android-x64-20240611-en, locale:en-us, os:android-10-x64, system -
submitted
11-06-2024 18:26
Static task
static1
Behavioral task
behavioral1
Sample
9f2309e1ac62ada4dae6968cedc1b6b7_JaffaCakes118.apk
Resource
android-x86-arm-20240611-en
Behavioral task
behavioral2
Sample
9f2309e1ac62ada4dae6968cedc1b6b7_JaffaCakes118.apk
Resource
android-x64-20240611-en
Behavioral task
behavioral3
Sample
MiGameCenterSDKService.apk
Resource
android-x86-arm-20240611-en
Behavioral task
behavioral4
Sample
MiGameCenterSDKService.apk
Resource
android-x64-20240611-en
Behavioral task
behavioral5
Sample
MiGameCenterSDKService.apk
Resource
android-x64-arm64-20240611-en
General
-
Target
9f2309e1ac62ada4dae6968cedc1b6b7_JaffaCakes118.apk
-
Size
18.0MB
-
MD5
9f2309e1ac62ada4dae6968cedc1b6b7
-
SHA1
78abf15dba2bc61fbbd6a657d0a9e14f91cf0b98
-
SHA256
85f65a894a077095a3fa894669b77637bc66c5a07ad3086c9bc61839e00ade36
-
SHA512
0dc73b44dadaf9e3287c7471ca6185f38f02526e9fef3ffc55bb3d3f60cc41f59fa45aed7ef655df730ab2cd3f6069f7a509e6315e49450dec4f694fe507291d
-
SSDEEP
393216:q6hHhi9u22GDfRuyrmrHd0axa6CdxcFBiMhy9REdE7IdHrfNqcla2x1rFC:RVyIG7NmygoLcfRhyoCgLfNqB2x1k
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
cn.gloud.shafa10
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
process: cn.gloud.shafa10
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
cn.gloud.shafa10
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: cn.gloud.shafa10
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
cn.gloud.shafa10
description: Framework service call
ioc: android.net.wifi.IWifiManager.getConnectionInfo
process: cn.gloud.shafa10
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
cn.gloud.shafa10
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: cn.gloud.shafa10
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
cn.gloud.shafa10
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: cn.gloud.shafa10
-
Checks memory information 2 TTPs 1 IoCs
Processes:
cn.gloud.shafa10
description: File opened for read
ioc: /proc/meminfo
process: cn.gloud.shafa10
Processes
-
cn.gloud.shafa10 1
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5062
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
245B
MD5
2a0b602d62d4a26d5f56cf8f48b85af2
SHA1
2db43ddbe342ebe59c06f7374fdd1f93ee399c7c
SHA256
7a2a1cbbfae414d813bfe1716b029cd5bee0e4322ca41c78df3e96c0236f5d7c
SHA512
140986f266ee67f10f4d80bc5ad87470c728efd03fffabf42e4f4eddca95ebcead71dde290341702739c0ea21987a5779416981a59168364cd92bd8b9e9394e5